Program Controls in the Dashboard
The Control Center in Program Controls allows you to manage dashboard options and users, including:
Commando mode |
Enable and disable Commando Modes and view Commando Mode control set details. |
User profiles |
Manage Marqeta Dashboard users by controlling access, viewing and editing user information, adding users, and defining roles. |
Audit logs |
View audit logs for customer and business records. |
ACH management |
Enable ACH direct deposit. |
PIN reveal |
Display cardholder forgotten PINs to them via mobile application. |
3D secure |
Enable and configure 3D Secure options. |
Card products |
Create, edit, and view card products. |
How to…
Copy section link
Commando Mode
Copy section link
If your system cannot respond to a Gateway JIT Funding request, the Marqeta platform can use Commando Mode to make authorization decisions on your behalf based on defined business rules. The Marqeta platform stores any unsent webhooks for later transmission, so that card states and account balances on your system correspond with activity that occurred while Commando Mode was in effect.
Viewing Commando Mode controls
Copy section link
To view current Commando Mode controls:
Enabling or disabling a Commando Mode control
Copy section link
To enable or disable a Commando Mode control:
-
Go to Program Controls > Control center > Commando mode.
-
Select the toggle button in the Status column for the Commando Mode control to change.
-
In the popup window, enter a reason and select Enable or Disable.
Viewing Commando Mode control information
Copy section link
To view Commando Mode control information:
-
Go to Program Controls > Control center > Commando mode. The enabled by, enable channel, and enable reason are displayed at the top.
-
To enable or disable the current control, select the toggle button, enter a reason in the popup, and select Enable or Disable.
-
Select Details, Control, or Transition History tab to view that information. The information for each tab is described below.
Commando mode control information
Copy section link
| Field | Description |
|---|---|
Last Enabled By |
The user who most recently enabled the Commando Mode control set. |
Last Enabled Reason |
The reason that the Commando Mode control set was last enabled. |
Last Enabled Channel |
The mechanism that most recently changed the Commando Mode control set’s state: |
Details
Copy section link
This tab shows details for Protected Funding Sources and Real Time Stand In Info.
Protected funding sources
Copy section link
| Field | Description |
|---|---|
Name |
The name of the funding program. |
Url |
The URL of the gateway endpoint hosted in your environment, to which |
Token |
The unique identifier of the funding source. |
Timeout |
Total timeout in milliseconds for gateway processing. |
Account |
Funding source account. |
Created |
A timestamp of when this Commando Mode was created in the Marqeta API. |
Last Modified |
A timestamp of when this Commando Mode was last updated in the Marqeta API. |
Real time stand in info
Copy section link
| Field | Description |
|---|---|
Enabled |
If |
Include Connection Errors |
If |
Include Response Errors |
If |
Include Application Errors |
If |
Controls
Copy section link
This tab provides information on the velocity control set defined for this Commando Mode control.
Velocity controls
Copy section link
| Field | Description |
|---|---|
Token |
The unique identifier of the velocity control set. |
Name |
The name of the funding program. |
Usage Limit |
Maximum number of times (between 0 and 100) a card can be used within the time period defined by the |
Approvals Only |
If |
Include Purchases |
Indicates whether purchases are subject to control. |
Include Withdrawals |
Indicates whether ATM withdrawals are subject to control. |
Include Transfers |
Indicates whether transfers are subject to control. |
Include Cashback |
Indicates whether cashbacks from a point of sale are subject to control. |
Currency Code |
The three-digit ISO 4217 currency code: |
Amount Limit |
The maximum monetary sum that can be cleared within the time period defined by the Velocity Window field. |
Velocity Window |
Defines the time period to which the
If set to |
Active |
Indicates whether the program gateway funding source is active. |
Auth controls
Copy section link
This table describes the authorization controls defined for this Commando Mode control set.
| Field | Description |
|---|---|
Token |
The unique identifier of the auth controls. |
Name |
The name of the auth controls. |
Start Time |
The starting time for the auth controls. |
End Time |
The ending time for the auth controls. |
Active |
Indicates whether the auth controls are active. |
Transition history
Copy section link
This tab provides details for each of the transitions for this Commando Mode control set.
| Field | Description |
|---|---|
Enabled |
Indicates the current status of the Command Mode control set. |
Reason |
The reason the current state of the Commando Mode control set was changed. |
Channel |
The mechanism that changed the Commando Mode control set’s state: |
Username |
Identifies the user who changed the Commando Mode control set’s state. |
Token |
The unique identifier of the Commando Mode transition. |
Type |
The type of transition: enabled or disabled. |
Commando Mode Token |
The unique identifier of the Commando Mode control set. |
Created |
The date and time that the transition was created. |
Name |
The name of the transition. |
User profiles
Copy section link
User Profiles allows you to manage access to the Marqeta Dashboard. You can:
-
View user information.
-
Add users and edit user information.
-
Define user roles.
-
Enable and disable users.
-
Impersonate users.
View user information
Copy section link
To view user information, go to Control center > User profiles. The Users tab lists current users along with the following information:
| Column | Description |
|---|---|
The user’s email address. An invitation to join is sent to this address. |
|
Status |
The user’s status: Active or Disabled. |
First Name |
The user’s first name. |
Last Name |
The user’s last name. |
Org Name |
The user’s organization. |
Org Type |
The type of organization, such as Customer, Bank, or Card Network. |
Programs |
Programs whose information the user can view. |
Role |
The user’s role: Viewer or Admin. |
Departments |
The user’s department within in the organization. |
Supplements |
Supplemental level of data control for the user, if any: Detail or PII. |
Date Created |
The date when the user was added. |
Date Updated |
The most recent date when the user’s information was updated. |
Filtering by column
Copy section link
To filter rows by column, enter the sequence of letters you want to filter on in the text box at the top of the column. As you type, the matching rows are filtered dynamically.
Adding users
Copy section link
To add a user:
-
In the Users tab, select Add user.
-
In the popup window, enter the user’s information. For Role, choose a one of the roles, as described in Roles below. For Department, choose one or more described in Departments below.
-
Select Add user. The user receives an email invitation to join.
Note
By default, access to personally identifiable information (PII) is denied. Access can only be granted with accordance to your company and the issuing bank’s privacy and information security policies.If a user needs access to PII, submit a request to analytics@marqeta.com providing user information along with a brief but complete explanation of why PII access is needed. For example, "Customer service rep needs PII access to resolve customer KYC issues." Users should be granted the lowest level of access required to fulfill their job responsibilities. If you have any questions, contact your Marqeta representative or send your question to analytics@marqeta.com.
Resending an invitation
Copy section link
To resend an invitation:
-
Go to Program Controls > Control center > User profiles, and select the row for the user.
-
In the User profile management pane, select Resend Invite.
Editing a user’s information
Copy section link
To edit a user’s information:
-
Go to Program Controls > Control center > User profiles, and select the row for the user.
-
In the User profile pane, update any of the user’s basic information, or add and remove programs, departments, roles, and supplements as necessary.
-
Select Save.
Enabling and disabling users
Copy section link
To enable or disable a user:
-
Go to Program Controls > Control center > User profiles, and select the row for the user.
-
In the User profile pane, select the Edit icon in the upper-right corner.
-
Select the Status toggle control to change the user’s status and then select Save.
Impersonating a user
Copy section link
If you have the Admin or Support role, you can impersonate some users, as described in Roles below.
To impersonate another user:
-
In Program Controls > Control center > User profiles, select the row for the user.
-
In the User profile pane, select View as <user_name>. The Dashboard as seen by the selected user is displayed, where you can act as that user.
-
When you have finished, select End at the bottom.
Roles
Copy section link
Roles define the privileges that are available to dashboard users. Users can be assigned the following roles:
| Column | Description |
|---|---|
Admin |
Can create and modify Viewer and Support accounts with the same domain names as their own, revoke their credentials, impersonate users that they have provisioned, and view reports. |
Support |
Can view reports and impersonate other users with the Viewer privilege in the same program as their own. |
Viewer |
Can only view reports. |
Departments
Copy section link
The Departments reflect the organization for a typical business. You can assign one or more departments to a user. The following departments are available:
| Column | Description |
|---|---|
Analytics |
(Read only) Works with data to interpret patterns and trends to improve business decision-making, reduce fraud, and provide deeper business insights. |
Business Development |
(Read only) Creates long-term value by interpreting markets, customers, and business relationships. |
Compliance |
(Read only) Ensures that the organization complies with applicable laws and regulations, helping preserve the organization’s integrity and reputation. |
Compliance – Processor Only |
An external role for users responsible for managing transaction disputes at Powered By customers. |
Compliance – Program Managed |
An external role for users responsible for managing transaction disputes at Managed By customers. |
Customer Service |
Responsible for assisting users with a range of issues that may include suspending accounts, updating billing information, initiating user disputes. Assists customers in making effective use of company products. |
Customer Success |
(Read only) Proactively ensures that customers successfully and efficiently use the company’s products. |
Engineering |
(Developer) Researches, designs, and implements the technical development of financial products. |
Finance — Other |
Manages company finances, including financial planning, auditing, accounting, and produces financial statements. |
Finance — Settlement |
Ensures that funds transferred between the merchant’s and the card user’s bank are successfully concluded. Additionally, the Settlement team reconciles the daily drawdowns from card networks to internal data to ensure appropriate funds movement and identifies exceptions in internal transactional data. |
General |
(Read only) Business activities that do not fall within a specific business department. |
Human Resources |
(Read only) Responsible for employee well-being, including payroll, benefits, hiring, firing, and staying up to date with tax laws. |
Legal |
(Read only) Provides legal advice on business issues, drafting commercial agreements, ensuring the company complies with applicable laws and regulations, and prepares required legal documents. |
Marketing |
(Read only) Researches markets and potential customers, promotes the company business, and drives sales of company products and services. |
Operations |
Manages the strategic and day-to-day production of products and the delivery of services. |
Product Management |
(Read only) Manages a product through all stages of the product lifecycle, including the people and processes required to produce the product or service. |
Program Management |
(Read only) Manages several projects with the intention of coordinating diverse efforts and improving the company’s performance. |
QA |
(Developer) Tests company products and services in order to prevent errors and defects. |
Sales |
(Read only) Sells company products by building relationships with customers, matching them with the company’s products and services, and providing a direct link between the company’s product or service and its customers. |
Audit logs
Copy section link
As information is modified on the Marqeta platform, such as server names, user names, actions are performed, and data updated, these changes are captured and logged to Marqeta’s central logging service. Audit Logs provides a view of these logs to help you trace the details of these actions.
To view audit logs, go to Program Controls > Control center > Audit logs. Audit log records are listed, and include the following information:
| Column | Description |
|---|---|
id |
Automatically assigned unique ID for the action. |
User Name |
The user performing the action. |
App Name |
The application that logged the action, such as the Marqeta Dashboard or GraphQL. |
Record id |
The record id associated with the call, if any. |
Record Operation |
The name of the query or mutation (in the case of GraphQL) or rails action (index, show, create, update, or destroy). |
Record Type |
The primary business object operated on, such as user or business. |
Program |
The program shortcode. |
Created Time |
The time that the action was created. |
Remote ip Address |
The remote IP address where the action was generated. |
User Role |
The list of roles for the user performing the action. |
Http Status Code |
The status code returned by the action. |
Http Params |
The parameters associated with the request, such as
|
Event Type |
The type of event, such as |
App Server Name |
The application server that generated the action. |
Http Path |
The HTTP path, such as |
Http Method |
The http method, such as |
Old Value |
The value before the action. |
New Value |
The value after the action. |
Notes |
Notes related to the action, if any. |
Extra Info |
Additional information about the action, if any. |
ACH management
Copy section link
Use ACH management to enable direct deposit for an account. To enable direct deposit:
-
Go to Program Controls > Control center > ACH management.
-
Enter the Routing number and Account number prefix.
-
Select Enable.
PIN Reveal
Copy section link
Using PIN Reveal you can display a cardholder’s forgotten PIN to them via your mobile application. With PIN Reveal, the online PIN is less likely to fall out of sync with the PIN stored on the chip because cardholders can reveal their existing PIN instead of resetting it to a new value.
Revealing a cardholder’s PIN requires compliance with PCI DSS data security requirements. If you are not PCI certified, use Marqeta’s Javascript library (marqeta.js) to reveal card details to the cardholder and copy these values to the clipboard for later use. You can also view the cardholder’s PIN.
Enabling PIN reveal
Copy section link
You must first request that Marqeta enable this feature for your program, then explicitly provision PIN Reveal for the program.
To provision PIN reveal:
-
After Marqeta has enabled PIN Reveal for your program, go to Control center > PIN reveal.
-
Move the Provision PIN Reveal toggle to the right to activate.
-
Select Save settings. Once PIN reveal is provisioned, you must explicitly opt-in before the feature becomes active.
Opt in Status shows the current status for the program. Possible values are Disabled, Pending program approval, or Program approved.
Viewing PIN Reveal history
Copy section link
PIN Reveal displays the three most recent events in the upper-right. To view a complete PIN Reveal history for the current program, select View full history.
3D Secure
Copy section link
3D Secure allows you to provide your customers with an added layer of protection against fraudulent online credit and debit card transactions. Supported by most card issuers, 3D Secure requires cardholders to complete an additional verification step with the issuer before a transaction is authorized.
By enabling 3D Secure, you can decrease the number of disputed transactions. 3D Secure boosts customers' confidence and helps you establish greater trust with them. For more information on 3D Secure, see About 3D Secure.
Your customers will verify their transactions using a secure code sent by SMS or email. You can provide a customer support number your customers can call if they have questions or concerns about 3D Secure.
Enabling 3D Secure
Copy section link
Your customers will use a one-time passcode (OTP) to verify their transactions, which requires them to enter a secure code sent by SMS or email.
To enable 3D Secure:
-
Go to Program Controls > Control center > 3D secure.
-
Select Enable 3D Secure.
-
Select the messages versions to support for this program. Support for v1.0.2 is required. You can add additional versions to support. Enabling support for versions other than v1.0.2 provides heightened protection against fraudulent transactions, but requires additional integration work to set up. Support of v2.2.0 is for Visa programs only.
-
To provide a customer support number for your customers to call if they have questions or concerns about 3D Secure, enter a complete number including area code.
-
If you want to provide a no-reply email address, enter an unmonitored email address such as noreply@yourdomain.com from the domain your customers typically associate with your brand. If none is provided, noreply@marqeta.com will be used. A verification link will be sent to this address during initial setup.
-
If you would like an issuer logo to appear in the OTP emails your customers receive, select Upload and choose an image file. Supported formats are .png, .jpeg, .tiff, and .bmp. Maximum file dimensions are 47 pixels (height) x 140 pixels (width). Maximum file size is 5 MB.
3D Secure Decision and Result services
Copy section link
Enable this pair of services to allow Marqeta to manage 3DS strong customer authentication (SCA) decisions for your program.
3D Secure Decision service
Copy section link
The 3D Secure Decision Service enables you to configure and implement Marqeta’s 3D Secure decision-making policy instead of developing or hosting your own solution. 3D Secure Decision Service rules determine whether the system applies SCA to an incoming transaction authentication request or exempts it. Enabling this service strikes a balance between your customers' frictionless experience and the risk of fraud.
3D Secure Result service
Copy section link
The 3D Secure Results Service is used to trigger the Marqeta platform to update the result of the cardholder’s SCA challenge. It informs the 3D Secure Decision Service whether or not the strong customer authentication (SCA) has succeeded, which is required to score future transactions by this cardholder more accurately.
To enable 3D Secure Decision and Result services, configure your program attributes by providing a URL and login credentials:
-
Toggle Enable 3D Secure Decision and Result services to the right.
-
For 3D Secure Decision service program attributes, enter the fully qualified domain name (FQDN) of the endpoint where you want event notifications to be sent, for example https://www.yourdomain.com/webhook. The URL cannot exceed 200 characters in length.
-
Enter the username associated with the user authorized to access the endpoint specified in the Endpoint URL field. The username cannot exceed 500 characters in length.
-
Enter a password for the username used to access the endpoint specified by the Endpoint URL field. The password you choose must be between 8 and 500 characters in length.
-
To use the same program attributes for 3D Secure Results service program that you entered for 3D Secure Decision service program, select the Use my 3D Secure Decision service program attributes checkbox. Otherwise, enter the endpoint URL, username, and password.
Advanced authentication service
Copy section link
Enable Advanced authentication services to allow Marqeta to manage 3DS strong customer authentication (SCA) decisions for your program.
-
Toggle Enable Advanced authentication services to the right.
-
Enter the fully qualified domain name (FQDN) of the endpoint where you want event notifications to be sent, for example https://www.yourdomain.com/webhook. The URL cannot exceed 200 characters in length.
-
Enter the username associated with the user authorized to access the endpoint specified in the Endpoint URL field. The username cannot exceed 500 characters in length.
-
Enter a password for the username used to access the endpoint specified by the Endpoint URL field. The password you choose must be between 8 and 500 characters in length.
Card products
Copy section link
Use card products to manage card products that are available to issue from Card Management.
To view or edit card products:
-
Go to Program Controls > Control center > Card products. The list of current products is displayed with the following information.
Field Description Card product name
The name of the card product.
Network
The network associated with the card product.
Type
The type of card product: debit, credit, or prepaid.
Classification
The classification of the card product: consumer or commercial.
BIN prefix
The prefix of the bank identification number (BIN).
Token
The card product identifier.
-
To edit a card product, select the row, edit the details, and select Submit for Approval.
To create a new card products:
-
Go to Program Controls > Control center > Card products.
-
Select + Add card product.