/
20 minute read
October 5, 2022

Release Notes

September 2022

Release 2022.9.19.0

The 2022.9.19.0 release of the Marqeta platform contains infrastructure improvements and back-end issue fixes only. There are no customer-facing enhancements or fixed issues in this release.

Release 2022.9.5.0
New features
Birth date validation for cardholders and individuals associated with businesses

Marqeta now validates the date of birth of both cardholders and individuals associated with businesses. To enable birth date validation for your program, contact your Marqeta representative.

New Credit Journal Entries report

Use the new Credit Journal Entries report to view details of all journal entries for all credit accounts in a program, such as the status and amount. For details about this report in the Marqeta Dashboard, see Reports in the Dashboard.

For details on using the DiVA API GET /views/credit/journalentries/detail endpoint to retrieve the journal entries, see Credit journal entries.

New digital wallets web push provisioning endpoints

Use the new digital wallets web push provisioning endpoints to add payment cards to Apple Pay and Google Wallet via your web application. Note that these endpoints are currently in beta. For more information, see Digital Wallets Management.

Notable documentation changes
Improved information architecture for credit API reference pages

The Core API Credit documentation is now divided into several new categories, each pertaining to a specific Credit API: Credit Programs, Credit Account Origination, Credit Account Management, Credit Account Servicing, and Credit Reward Programs. This information architecture change makes it easier to find the Credit API reference documentation you are looking for.

You can find documentation for credit account APIs on these new reference pages:

New credit application transition endpoint documentation

Use the new application transition endpoint to retrieve an array of transitions on a specific application. Note that this endpoint is currently in beta.

Updated About Credit Accounts guide

The Status section of the About Credit Accounts guide now includes the new CHARGE_OFF status for credit accounts, as well as a new infographic that presents credit account status transitions.

The About Credit Accounts guide also includes new information on periodic fees and fee schedules.

Credit reports contain extra details

The Reports In-depth guide has been enhanced to include more information about Credit reports, such as the refresh rate.

Updated digital wallet names

The Digital Wallets documentation now uses the updated digital wallet names Google Wallet and Samsung Wallet.

Updated API reference documentation pages

Several API reference pages are now generated directly by parsing Marqeta’s API definition files in OpenAPI format. This single-source approach ensures that the documentation remains synchronized with the API at all times.

You may therefore notice slight differences in the information architecture of this page:

August 2022

Release 2022.8.22.1

The 2022.8.22.1 release of the Marqeta platform contains infrastructure improvements and back-end issue fixes only. There are no customer-facing enhancements or fixed issues in this release.

Release 2022.8.8.0
New features
Real-Time Decisioning now available

Real-Time Decisioning, part of Marqeta’s RiskControl fraud solution, is now in general availability (GA) release. Real-Time Decisioning provides fine-tuned control over card transactions using rules based on hundreds of data attributes, including the network risk score, spend amount, cardholder risk profile, merchant ID, and geolocation.

The Real-Time Decisioning dashboard provides an editor for writing and editing business rules using ARIC Model Definition Language (AMDL™), which is a dedicated language for fraud detection. The dashboard includes a wizard to generate business rules, tags, and variables, and to run offline unit tests. Real-Time Decisioning also includes an endpoint for reporting false positives. Learn more: Real-Time Decisioning Overview.

New configuration of minimum program funding account balances for ACHO transfers

This release includes a new configuration for checking the minimum balance of a program funding account when initiating push transfers using ACH Origination. This configuration specifies the minimum allowed balance of the program funding account after the push transfer is approved. If the transfer would reduce the program funding account balance below the specified minimum, then the customer would receive the following error message:

JSON
Copied

Is this helpful?

Yes
No

For more information about configuring this feature, contact your Marqeta representative.

Notable documentation changes
New documentation set for Real-Time Decisioning

A new documentation set for the Real-Time Decisioning feature has been added, including several guides, references, and tutorials. See Real-Time Decisioning Overview.

Powered By Marqeta in Europe guide moved

The About Powered By Marqeta in Europe guide is now located in the Marqeta in Europe collection.

New card products guide

To learn about Marqeta card products in Europe and their characteristics, see Card Products.

New strong customer authentication guides

Learn about strong customer authentication in Europe in About Strong Customer Authentication. To learn about the technical requirements for strong customer authentication in Europe, see Managing Strong Customer Authentication.

New credit policies and bundles beta documentation

Learn about how to use the Marqeta Dashboard to manage your credit program’s policies and bundles in this new guide:

Although you must use the Marqeta Dashboard to manage policies and bundles, you can consult this new API documentation for reference purposes only:

New credit applications API reference page

Use the new applications endpoints to create and manage credit account applications and retrieve disclosures that you can show to an applicant during the application process. See this new API reference page:

In-depth information added for credit reports

Credit report details, which apply to both the Reporting dashboard and DiVA API, have been added to Reporting In-Depth. See Reports In-Depth.

Updated report descriptions

Some report descriptions have been updated to reflect minor dashboard changes. See Reports in the Dashboard and Reports In-Depth.

July 2022

As a way to offer you features and issue resolutions more quickly, in July 2022 the Marqeta platform switched from a monthly release cadence to releasing biweekly.

Contact your Marqeta representative for more information.

Release 2022.7.25.0
New features
Specify amount limit for low-value payments with transaction risk analysis exemptions

You can now specify the maximum amount for a single low-value payment transaction with a transaction risk analysis (TRA) exemption in the sca_tra_exemption_amount_limit field of the strong_customer_authentication_limits object.

For detailed information about this field and the strong_customer_authentication_limits object, see the Card Products API reference page.

Support for "one-leg-out" transactions

"One-leg-out" (OLO) transactions are those in which a cardholder from a strong customer authentication (SCA) mandated country or region such as the United Kingdom or the European Union performs an e-commerce transaction with a merchant from a non-SCA mandated country, such as the United States. With this release of the Marqeta platform, if your program has enabled both SCA low-value payment (LVP) controls and the OLO exemption, Marqeta will not soft decline OLO transactions that have not been authenticated using 3D Secure.

The transaction response payloads of JIT requests, webhooks, and GET /transactions API requests indicate OLO transactions with a new field in the transaction_metadata object:

JSON
Copied

Is this helpful?

Yes
No

To enable this feature, contact your Marqeta representative.

Changed functionality
New alpha-3 currency codes for Sierra Leone

Sierra Leone has redenominated their currency from the Leone to the New Leone. One New Leone is worth 1000 Leone.

To reflect this change, Visa has introduced new alpha-3 currency codes for Sierra Leone. The currency codes for the New Leone are SLE and 925.

The existing alpha-3 codes for the Leone, SLL and 694, are still supported, but all transactions in Sierra Leone currency must use the new currency codes beginning 1 October 2022.

Release 2022.7.11.0
New features
Reduced API latency across all platform endpoints

Marqeta is always optimizing systems for increased performance. With this release, Marqeta has reduced API latency by as much as 60% across all endpoints on the Marqeta platform.

Changed functionality
New fields in card acceptor object in transaction response payloads

The card_acceptor object in transaction response payloads now includes three new fields: country_of_origin, transfer_service_provider_name, and payment_facilitator_name. For detailed information about these new fields, see Transactions.

Fees object now included in Gateway JIT transaction response payloads

Gateway JIT transaction response payloads now include the fees object along with the existing acquirer_fee_amount field to keep the data consistent with authorization webhook payloads.

Gateway JIT transaction response payloads now include the following details about fees:

JSON
Copied

Is this helpful?

Yes
No
Fixed: ATM balance inquiries rejected by the Marqeta platform

An issue that caused ATM balance inquiries to be rejected by the Marqeta platform has been resolved in this release.

Fixed: Gateway JIT fees did not match authorization webhook payloads

Gateway JIT messages now include the same fee data as the authorization webhook payloads for a given transaction.

June 2022

New features
Public availability of OpenAPI 3.0 definitions

We are proud to announce the publishing of our OpenAPI 3.0 definitions in a dedicated, public GitHub repository: https://github.com/marqeta/marqeta-openapi. Using these OpenAPI definitions, you can now build your SDKs and implement your product, based on the same source we use to generate our public documentation and APIs. This is an exciting next step toward improving our overall Developer Experience, and is part of our effort to create a single source of truth for our APIs.

Note that this is a beta release limited to our Core API endpoints, and that the work is ongoing. We would love to hear your feedback if you use our definitions for testing or prototyping purposes.

Require identity verification step-up at the card product level

You can now require identity verification step-up ("yellow path" further information) for all digital wallets at the card product level by setting the new force_yellow_path_for_card_product field to true.

For information about the process for approving digital wallet tokens, see Token approval process.

Changed functionality
ACH Origination transactions now include the bank transfer identifier

ACH Origination transactions now include the unique identifier of the bank transfer in the bank_transfer_token field of GET /transactions response bodies. The Marqeta Dashboard team uses this identifier to fetch detailed information about a given bank transfer.

3D Secure webhook events

The Marqeta platform now sends webhook events for 3D Secure 1.x and 2.x initialization and completion events. For information about 3D Secure webhook events, see 3D Secure transition events.

Widgets infrastructure performance improvement

Service scalability and infrastructure are an ongoing goal for the Marqeta platform, and a recent optimization of our widgets infrastructure led to an incredible improvement in performance. The observed latency for widgets provisioning (p95) was reduced by almost half.

Fixed: JIT funding fields missing from reversal transaction webhook payloads

An issue that prevented the jit_funding.acting_user_token and jit_funding.user_token fields from appearing in some reversal transaction webhook payloads has been fixed in this release.

Notable documentation changes
Help choosing between Swagger v2.0 and OpenAPI v3.0

A new section "Choosing an API definition file" was added to the SDKs page to clarify the differences between the Marqeta platform’s Swagger v2.0 and OpenAPI v3.0 API definition files. For even more information, see Marqeta’s blog post on the beta release of the platform’s OpenAPI definition.

May 2022

New features
New field to support Mastercard Article AN-4224

To support Mastercard Article AN-4224, Marqeta now includes a new field in the transaction payload of Gateway JIT messages, webhooks, and GET /transactions requests that contains the details of a government-controlled merchant’s country-of-origin code. This new field is named country_of_origin and is included in the existing card_acceptor object.

A merchant’s country of origin can be different from the country in which the merchant is located. For example, embassies are physically located in countries that are not their country of origin: a Mexican embassy might be physically located in Singapore, but the country of origin is Mexico.

This field is included when the cardholder conducts a transaction with a government-controlled merchant using a Marqeta-issued card.

Tokenization-as-a-Service (Beta)

You can use Marqeta’s tokenization features for your program, even if Marqeta is not your issuer processor. For more information about tokenization as a service, see Tokenization-as-a-Service (Beta).

New credit account journal entries

Learn about credit account journal entries, which are records of an entry made on a credit account journal, such as purchase transactions, fees, adjustments, and more. Journal entries are a newer version of ledger entries and replaces ledger entries.

The following journal entry endpoint references have been added to Credit Accounts:

To learn about journal entry webhooks, see Credit journal entry events.

Changed functionality
Breaking change for Account Funding and Original Credit Transactions

In previous releases, Marqeta included both the original_credit and account_funding objects in transaction payloads of JIT Gateway requests, webhooks, and GET /transactions API requests, rather than including only the appropriate object for the transaction.

To address this issue, Marqeta changed the transaction payloads in this release to ensure that original credit transactions only include the original_credit object, and account funding transactions only include the account_funding object.

If your program receives either original credit or account funding transactions, be aware that your transaction payloads now incorporate this change.

Improved sample code blocks with enhanced syntax highlighting

The code block component used to display code examples throughout all collections of the Marqeta platform documentation has been enhanced with more meaningful syntax highlighting that better reflects the language of the code used in the example. The language name, such as bash, JSON, or cURL, now appears in the code block header. In the case of a longer code example that has been truncated, the number of hidden lines is displayed, allowing you to decide if you want to load the entire example.

Account verification transactions from blocked merchants and merchant categories now declined automatically

Account verification transactions, or "$0 Auths", are now automatically declined if they are sent from blocked merchant category codes (MCCs) or merchant identifiers (MIDs). You can choose to add to an allow list any account verification transactions using specific MIDs from blocked MCCs, as you can for regular purchase transactions.

Changed network response codes to support Mastercard data integrity compliance

When you decline a transaction with a decline_reason of CLOSED_ACCOUNT, Marqeta now sends the network response code 14: JIT Response Closed Account to Mastercard.

This change minimizes use of the 05 - Do not honor response code to support data integrity compliance.

Corrected network response code for soft declines due to missing customer authentication

When you decline a transaction with a decline_reason of SOFT_DECLINE_AUTHENTICATION_REQUIRED, Marqeta now sends the correct network response code 1A - Additional customer authentication required to Visa.

Removed ALL as an allowable value of the transaction model

The ALL state for individual transaction objects has been removed from the transaction model. ALL is still an allowable value in GET requests to the /transactions endpoint.

Fixed: card_acceptor object was included in gpa.credit.authorization payloads

An issue that caused the card_acceptor object to appear in gpa.credit.authorization payloads has been fixed in this release.

Fixed: MoneySend transactions declined due to invalid service code

An issue that caused some MoneySend transactions to be declined due to an invalid service code has been fixed in this release. This issue impacted a small number of Mastercard MoneySend transactions. These transactions will no longer be declined due to a service code mismatch.

Changed how credit users subscribe to card transition and digital wallet token transition events

Credit users no longer receive credit card transition and credit digital wallet token transition events by subscribing to credit.*. For more on how to subscribe to these events, see Card transition events and Digital wallet token transition events.

Notable documentation changes
Updated API reference documentation pages

Several API reference pages are now generated directly by parsing Marqeta’s API definition files in OpenAPI format. This single-source approach ensures that the documentation remains synchronized with the API at all times.

You may therefore notice slight differences in the information architecture of this new page:

April 2022

New features
New response code for declined card present JIT funding transactions

The Marqeta platform now applies the transaction response code 1918 – JIT response soft decline PIN required to card present transactions that are declined at the point of sale because the cardholder’s PIN was not entered.

New response code for refund.authorization transactions

The Marqeta platform now applies transaction response code 1922 Transaction cannot be completed to credit voucher and merchandise return authorization (refund.authorization) transactions. Response code 1922 is applied to any refund.authorization transaction that is declined for a reason other than INVALID_MERCHANT, INVALID_AMOUNT, INVALID_CARD, CLOSED_ACCOUNT, or SUSPECTED_FRAUD.

New response codes for declined transactions

The Marqeta platform now applies transaction response codes 1919 Card terminated, 1920 Cardholder terminated, and 1921 Digital wallet terminated to transactions that are declined due to a termination.

New fields to support Visa article 3.2

To support Visa’s article 3.2 data standards for original credit transactions (OCT), the Marqeta platform now includes the transfer_service_provider_name and payment_facilitator_name fields in the card_acceptor object in transaction webhooks, JIT funding messages, and GET /transactions payloads.

New product codes and field to support Mastercard article AN4777

To support Mastercard article AN 4777, the Marqeta platform now includes Mastercard installment payment product codes in the product_id field of the network_metadata object in clearing transaction webhooks. The new product codes are:

  • ETA: Mastercard Installment Payments A

  • ETB: Mastercard Installment Payments B

  • ETC: Mastercard Installment Payments C

  • ETD: Mastercard Installment Payments D

  • ETE: Mastercard Installment Payments E

  • ETF: Mastercard Installment Payments F

  • ETG: Mastercard Installment Payments G

  • SPP: Mastercard Installment Payments P

  • SPS: Mastercard Installment Payments S

In addition to these new product codes, the Marqeta platform now passes the Mastercard-assigned merchant identification numbers in the network_assigned_id field of the card_acceptor object in transaction response payloads. You can use the network_assigned_id to perform analytics based on the Mastercard-assigned merchant identifiers for your installment programs.

Added support for ATM deposits for Mastercard MoneySend Payment Transactions

Mastercard offers a domestic cash-to-card capability that allows cardholders to add cash to Debit Mastercard and Maestro cards at cash deposit-taking ATMs in Switzerland. When Marqeta receives ATM cash deposits as Original Credit Transactions (OCT), the Marqeta platform now populates the transaction_type under the original_credit object with a cash_in value.

Introduction of Mastercard’s Account Intelligence (AI) for Issuers

Mastercard has introduced a new feature called Account Intelligence (AI) for Issuers: Fraud and Risk solution to issuers in Europe. The AI for Issuers solution includes a set of 15 AI-powered scores that cover three key portfolio management themes, and will be delivered to issuer customers in First Presentment (1240) messages. The Marqeta platform now provides the solution’s AI data in the clearing webhook’s fraud object, as shown below.

JSON
Copied

Is this helpful?

Yes
No

Using these scores can provide dynamic insights into your cardholder portfolio and drive account-level risk management through smarter decisioning. At time of writing, these scores have been introduced in the United States, EU, and Canada.

Contact your Marqeta representative to learn more about this optional feature, including fees, and enable it for your program.

Added account funding object to transaction payloads

To support Visa article 3.9, the Marqeta platform now includes the account_funding object in transaction response payloads of JIT Funding messages, webhooks, and GET /transactions API requests.

Allowable account_funding.transaction_type values for Visa account funding transactions are:

account_to_account money_transfer_by_bank funds_transfer face_to_face_merchant_payment person_to_person prepaid_loads wallet_transfer disbursement pension_disbursement

The JSON model of the account_funding object is:

JSON
Copied

Is this helpful?

Yes
No
New reporting data freshness indicator

Relevant reports in the Marqeta Dashboard now display a data freshness indicator indicating how recently the data was updated, with additional information available as a tooltip. For information on this feature, see Data freshness indicator.

A new field, report_load_timestamp, has been added to key endpoints in the DiVA API to provide programmatic access to data freshness information. You can configure your automated jobs to trigger based on updates to this field. For information on this field, see Automating jobs based on updates.

Changed functionality
Secure electronic commerce transactions in transaction payloads

The Marqeta platform now includes secure electronic commerce transactions in transaction payloads with an electronic_commerce_indicator value of authentication_successful and a verification_result value of not_present.

Fixed: Issue displaying amounts in transaction payloads for Iceland Krona

An error in displaying the original_amount in the transaction payload for currency code 352 - Iceland Krona has been fixed on the Marqeta platform.

Notable documentation changes
Multi-language support for code examples

Multi-language support has been added to the codeblock component used to display code examples throughout all collections of the Marqeta platform documentation. Available languages are indicated in the upper-left corner of the component.

Sample data added to inline API widgets

The inline API widgets used throughout all collections of the Marqeta platform documentation and the API Explorer now feature the full payload with sample data in the request body. The shape of the schema is shown, but only fields marked as required are presented. This enhancement makes it easier to interact with the API using copy/paste operations.

Inline API widget

Updated API reference documentation pages

Several API reference pages are now generated directly by parsing Marqeta’s API definition files in OpenAPI format. This single-source approach ensures that the documentation remains synchronized with the API at all times.

You may therefore notice slight differences in the information architecture of these new pages:

March 2022

New features
Upcoming breaking change: correct payload for AFT/OCT transactions

Marqeta currently includes both the original_credit and account_funding objects in transaction payloads through JIT Gateway requests, webhooks, and GET /transactions API requests, rather than including only the appropriate object for the transaction type.

To address this issue, Marqeta will change the transaction payloads to ensure that original credit transactions only include the original_credit object, and account funding transactions only include the account_funding object.

If you receive either original credit or account funding transactions, be aware that your transaction payloads will incorporate this change in the May 2022 release.

New ACH reports

New ACH reports are available in the Marqeta Dashboard and DiVA API:

  • ACH Gateway – Details on ACH gateway activity.

  • ACH Origination – Transaction-level detail for ACH Origination transfers for both Program Funding and User Funding use cases.

  • ACH Pending – Details on pending ACH gateway activity.

  • ACH Verification – Verification details on ACH gateway activity.

These reports are available in the Reports dashboard under Other Transactions > ACH and Other Transactions > ACH Origination and in the DiVA API. For more on these reports in the dashboard, see Other transactions reports. For more on the DiVA endpoints, see DiVA API Reference.

Changed functionality
Changes to response codes for credit voucher and merchandise return authorization transactions

To support article 2.8 of the VisaNet Business Enhancement effective April 2022, Marqeta requires a change to your JIT Gateway decline response codes for credit voucher and merchandise return authorization transactions (both represented by the refund.authorization transaction type on the Marqeta platform).

Beginning in release 22.3, your JIT Gateway should only use these codes in the decline_reason field when declining refund.authorization transactions:

  • INVALID_MERCHANT

  • INVALID_AMOUNT

  • INVALID_CARD

  • CLOSED_ACCOUNT

  • SUSPECTED_FRAUD

If your JIT Gateway declines refund.authorization transactions with a decline_reason not included in the preceding list, Visa would usually reject that authorization response from the Marqeta platform and process the transaction using stand-in processing (STIP). To avoid processing these transactions in STIP, Marqeta will now respond to Visa with response code 93 - Transaction cannot be completed whenever we decline transactions for any reason other than the ones listed above.

For more information about Gateway JIT response codes, see JIT Funding responses.

Card product token added to transaction payload

The card product token is now included at the root level in the transaction payload of JIT requests, webhooks, and GET requests to the /transactions endpoint.

The card product token associated with the card used in the transaction will be returned for all transaction types—including declined transactions—provided the card is present in the Marqeta platform.

Using the card product token, you can quickly obtain additional configuration details from the Marqeta platform and make timely, better informed responses to JIT requests.

For more information about card products and how they determine card functionality and behavior, see the Card Products API reference page.

Acquiring identifier now included in clearing webhooks

Marqeta now includes the six-digit acquiring identifier in the institution_id_code field of the acquirer object in clearing webhooks. You can use this code to associate refunds with their original authorizations.

For more information about this object and field, see Transactions.

New program-level authorization check

A program-level check has been added to the Marqeta platform to ensure that only programs with the ACH Origination feature or the Plaid Account Verification feature enabled are able to make API calls to the endpoints listed below:

  • POST requests to /v3/fundingsources/ach/partner

  • POST requests to /v3/banktransfers/ach

  • GET requests to /v3/banktransfers/ach

  • GET requests to /v3/banktransfers/ach/{token}

  • GET requests to /v3/banktransfers/ach/transitions

Contact your Marqeta representative to enable and configure these features.

For more information about moving funds over the ACH network using the Marqeta platform, see the Program Funding via ACH API reference page. To learn more about how to use Plaid as a third-party partner for validating your account holders, see Account Validation via Plaid.

Fixed: Declined transactions excluded from database (auth-service only)

In previous releases, the Marqeta platform would occasionally not commit declined transactions to the database for auth-service customers during periods of high load. This behavior has been resolved in Marqeta platform release 22.3 by queueing affected messages so they are added asynchronously.

For an overview of transactions and the transaction object, see About Transactions.

Fixed: Incorrect parsing of 3D Secure authentication exemption data from Mastercard

An issue that prevented the cardholder_authentication_data.acquirer_exemption field of the transaction payload from being properly populated has been resolved in Marqeta platform release 22.3. This field indicates the reason why the acquirer made a 3D Secure authentication exemption such as MERCHANT_INITIATED_TRANSACTION or LOW_VALUE_PAYMENT; it is only returned when it is included in the transaction data received from the card network.

For detailed information about the cardholder_authentication_data object and the acquirer_exemption array, see Transactions.

Fixed: Incorrect velocity control balance calculation

This release of the Marqeta platform resolves a double-impacting velocity control issue that occurred while issuing online refunds. In previous releases, the Marqeta platform would deduct refund amounts twice (once when the refund came to adjust the velocity control balance, and again during clearing for the same refund to update the velocity_control_cache database table).

For more information about how to use velocity controls to oversee spending by your cardholders, see the Controlling Spending guide.

Changes to reports

The Program Funding Balances report replaces the Reserve Balances report. Use this report to get a daily aggregated view of a program’s funding balance using an authorization funding model. The report is available in the Reports dashboard under Balance > Program Funding Balances and in the DiVA API. For information on this report in the dashboard, see Balance reports. For information on the DiVA endpoint, see Program Funding Balances.

Notable documentation changes
Updated API reference documentation pages

Several API reference pages are now generated directly by parsing Marqeta’s API definition files in OpenAPI format. This single-source approach ensures that the documentation remains synchronized with the API at all times.

You may therefore notice slight differences in the information architecture of these new pages:

February 2022

Changed functionality
New field for details on acquirer-exempted transactions meets EU requirement

For e-commerce transactions, acquirer exemptions are now supported and included in the cardholder_authentication_data object. This additional field provides details on acquirer-exempted transactions, including merchant-initiated transactions, which are exempted from cardholder authentication.

Acquirer-exempt transaction reporting is required in the EU region, and this data will help provide needed details for the regulators. The information is provided in the acquirer_exemption field, which is now converted from a string to an array in the cardholder_authentication_data object.

The transaction payload will contain information as follows:

JSON
Copied

Is this helpful?

Yes
No
Mastercard OCT transactions no longer require CVC in the request

The Marqeta platform no longer enforces a requirement that OCT transactions using Mastercard include the CVC in the request. Furthermore, such transactions are no longer declined.

Refund authorizations no longer declined for terminated or suspended digital wallet tokens

For refund.authorization transactions, the Marqeta platform now allows refunds to go through successfully, even if the digital wallet token is in a terminated or suspended state.

Additional valid responses for the shippinginformationresponse object

The Marqeta platform now includes expanded definitions of the shippinginformationresponse object used by the API Explorer and the Core API inline widgets to correctly include FEDEX_EXPEDITED, FEDEX_REGULAR, UPS_EXPEDITED, UPS_REGULAR, USPS_EXPEDITED, USPS_REGULAR, LOCAL_MAIL, LOCAL_MAIL_PACKAGE, GROUND, TWO_DAY, OVERNIGHT, and INTERNATIONAL in addition to the previously supported responses as part of the fulfillment.shipping object.

Fixed declined transactions that include foreign currencies

An issue that caused the Marqeta platform to decline balance inquiry transactions when a foreign currency was present in the request has been fixed on the Marqeta platform.

Updated requirements for reason codes on declined transactions

The Marqeta platform now includes updated the reason codes we provide to Visa for declined transactions to align with recently released data integrity standards. When the JIT Funding gateway responds to a JIT Funding request and denies requested funding, you should provide an appropriate decline_reason so that Marqeta can in turn respond to the network with the correct network response codes. For details, see the decline_reason field documentation on Gateway JIT Funding Messages.

Ability to modify Discretionary Data in Card Products API

With this release, Card Products API users can now modify values for Track 1 and Track 2 stored in Discretionary Data in order to capture additional information at the point of sale for fleet use cases.

The full object structure now looks as shown below:

JSON
Copied

Is this helpful?

Yes
No
Notable documentation changes
New guide for integrating with Plaid

Learn step-by-step how to integrate with Plaid to validate your users in this new guide available in the Transactions category of the Guides collection. This guide links to a new endpoint used to create an ACH source via a partner integration, which is featured in the Account Holder Funding Sources API reference page.

New Building Your Card Program guides

We have introduced new Building Your Card Program guides, including an Understanding Card Program Differences guide that compares the Powered By Marqeta (PxM) and Managed By Marqeta (MxM) card program models. This guide helps you decide if you want to learn more about Building Your Powered By Marqeta Card Program or Building Your Managed By Marqeta Card Program.

New Powered By Marqeta in Europe guide

There is a new About Powered By Marqeta in Europe guide that offers integration overview information.

January 2022

New features
Automatic card suspension after successive card-not-present (CNP) verification failures

To help prevent fraudulent CNP transactions, you can choose to automatically suspend cards after a configurable number of successive CVV2 or CVC2 verification failures.

Talk to your Marqeta representative to enable and configure this feature.

3D Secure acquirer exemptions for e-commerce transactions

Marqeta now provides details about merchant-initiated e-commerce transactions that are exempt from the 3D Secure cardholder authentication requirements in the acquirer_exemption array within the cardholder_authentication_data object in transaction response payloads.

You can use this data to comply with EU reporting regulations for acquirer-exempted transactions.

For detailed information about the cardholder_authentication_data object and the acquirer_exemption array, see Transactions.

New verification result value for cardholder authentication data in STIP advice messages

The cardholder_authentication_data.verification_result field in stand-in processing (STIP) advice messages now supports the enumerated value not_verified_authentication_outage to indicate when stand-in processing was triggered by a 3D Secure authentication outage.

For detailed information about the cardholder_authentication_data object, see Transactions.

Changed functionality
Usability improvements to PCI-compliant widgets

The PCI-compliant Activate Card and Set PIN Widgets have been redesigned to reflect takeaways collected from recent usability research:

  • The user experience when entering a PAN as part of activating a card has been improved for enhanced readability and retention. Previously, the card number display was formatted as 1111222233334444; now card numbers are displayed in groups of four digits such as 1111 2222 3333 4444.

  • Where appropriate, the widgets' input fields will now display a number dial pad instead of a full QWERTY keyboard.

  • A legibility issue whereby the overlay spinner impeded visibility while processing a card activation or set PIN request has been addressed.

Webhook password strength conditions

A series of validation checks for the password used to access your webhook endpoint have been added to the public/private sandbox environment. These checks ensure that each of the password strength conditions is evaluated in real time by the Marqeta Dashboard. A checkmark ( ✓ ) indicates when the condition has been satisfied, and the Save button only becomes enabled once all conditions have been met. For more information on creating webhooks in the public/private sandbox environment, see the Manage your webhooks section of the Dashboard Overview and Quick Start.

Shortened public sandbox provisioning time

The Marqeta platform provides a secure testing and development environment called the sandbox where you can explore the capabilities of the Core API. A reduction in dependency management tools has enabled us to dramatically shorten the time required to provision a public sandbox from 10 minutes to only three minutes. To create your own public sandbox and user, sign up for an account on the Marqeta platform.

Nested deposit_account object no longer returned in response body

In previous versions, a successful POST request to the /users or /businesses endpoint would include a nested deposit_account object in the response body. This object has been withdrawn from the response body of both endpoints, as it was unneeded and could create confusion.

Example of the previous response body:

JSON
Copied

Is this helpful?

Yes
No

New response body, without the nested deposit_account object:

JSON
Copied

Is this helpful?

Yes
No
Fixed: Zero-dollar authorizations for inactive cards

An issue that caused zero-dollar authorizations on inactive cards to return a Card is active message has been fixed in this release.

Join our developer newsletter