/
5 minute read
September 15, 2023

Managing Lost, Stolen, or Damaged Cards

You might need to limit, suspend, terminate and reissue, or replace a card if it is lost, damaged, or stolen. You can perform these actions on physical and virtual cards, as well as on any digital wallet tokens sourced from the affected card.

Note that the state of any digital wallet token is independent from the state of its source card and independent from all other digital wallet tokens, even if they share the same source card. For example, in order to suspend a card and two digital wallet tokens sourced from that card (say, one provisioned to a phone and one to a laptop), you would make three API calls — one for the card and one for each digital wallet token.

Lost or stolen cards

If a card is lost or stolen, you should reissue the card with a new primary account number (PAN).

To reissue a card with a new PAN (and move the PIN and digital wallet tokens from the old card to the new card), send a POST request to the /cards endpoint. In the request, include the card’s token field value in the new_pan_from_card_token field. The old PAN is automatically terminated when the card is reissued with a new PAN. Associated digital wallet tokens are not terminated.

Optionally, you can copy the PIN from the old card to the new card. You can also reassign all digital wallet tokens associated with the stolen card to the new card (this option eliminates the need to terminate the tokens and then provision new ones). To copy the PIN and reassign digital wallet tokens to the new card, include the card’s token field value in the translate_pin_from_card_token field and the activation_actions.swap_digital_wallet_tokens_from_card_token field in your POST request to the /cards endpoint. Note that the digital wallet tokens are not reassigned until the reissued card is activated.

To terminate a digital wallet token, send a POST request to the /digitalwallettokentransitions endpoint and set the state field to TERMINATED.

Damaged cards

If a card is damaged, replace the card. A replaced card has the same PAN as the old card but a new CVV2 and expiration date. The damaged card does not need to be suspended or terminated immediately.

To replace a card, send a POST request to the /cards endpoint and set the reissue_pan_from_card_token field to the value of the old card’s token field. This action creates a new card with the same PAN as the old card but with a new CVV2 and new expiration date. All associated digital wallet tokens are reassigned to the new card when it’s activated.

Tip
  • You can replace only the most recent in a chain of replaced cards.

  • You can tokenize only the most recent in a chain of replaced cards.

  • You can replace a card only to the original user.

  • You cannot replace a physical card with a virtual card.

  • You can replace a virtual card with a physical card.

Subscribe to our developer newsletter