# Issuing Virtual Cards

A virtual card is a type of payment card which usually refers to a digital substitute of a physical card. It is a card which is fully functional and it is an ideal solution for online payments as it is extremely helpful in keeping your account secure online.

A virtual card exists in a virtual form. You can make online and in-app purchases with this card. A virtual card has card details (e.g. 16 digit card number, an expiry and a CVV2) which users can retrieve and use for online payments. The virtual card will be created for a card product already defined in the system. A card can only belong to a single card product and will inherit all of its features and characteristics applied to the card product.

Virtual cards can be used instantly after creation. You can issue a virtual card and use it in the following steps.

* Create a user
* Create a card
* Fund the account
* Use the card

Below you can find a virtual card issuance decision flow:

![](https://3730541649-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Ftelq9krTgSM8OvsHep7r%2Fuploads%2FTlXJ4V8QxQjuTDf6lcEb%2FIssuance%20Flow%20\(2\).jpg?alt=media\&token=64d227b7-4523-481a-97fa-521bc1a488bc)

### Create a user

A user is an entity which can be an individual that holds an account at nCore which is represented by the user object.

Please refer to the section [**Users**](https://docs.nymcard.com/get-started/issuance/users) for more information.

### Create a card

At nCore platform, payment cards are identified as an object of the cards resource, you can create a card by sending a POST request to **/cards** endpoint.

&#x20;The card object stores data about the card for example, **name on card, card number, expiry date, CVV2, card product** etc.

*Note: Create a user and a card product before creating a card. It is mandatory to provide the the identifier of the user who owns the card,* *the type of card (virtual/physical), and the identifier of the card product in **POST*** **/cards** *request as shown below.*

<details>

<summary><a href="https://nymcard.com/docs/api#tag/Cards/operation/createCard">POST /cards</a></summary>

**`{`**\
`    `**`"user_id": "d089a80f-e641-4045-8a80-54841e4a7458",`**\
`    `**`"card_type": "VIRTUAL",`**\
`    `**`"card_product_id": "b4eabfc-f839-4e51"`**\
\&#xNAN;**`}`**

</details>

Please note that virtual card’s PAN, expiry date, and a CVV2 are provided to the cardholders in 2 ways:

* **For non PCI DSS compliant customers:** Virtual cards details are displayed to the cardholder by using PCI widgets. For further information, please refer to the [**PCI widget**](https://docs.nymcard.com/get-started/security/pci-widget) section.
* **For PCI DSS compliant customers:** Virtual card details can be retrieved by sending a **GET** request to **/cards/{id}/show\_info** endpoint. For further information on PCI DSS please refer to the [**Security**](https://docs.nymcard.com/get-started/security) section.

#### Retrieve a card

To retrieve a specific card, you can include the card ‘ID’ path parameter in your **GET** request and send it to **/card/{id}** endpoint.

> [**GET /cards/{id}**](https://nymcard.com/docs/api#operation/getCard)

### Fund the account

Whenever a new card is issued a General Ledger (GL) account will be automatically created and linked to the card. The card account is a term which is usually used to refer to this account. The account holds the funds of the card.

To access account and retrieve details, please follow these steps:

* Send a GET request to **/cards/{id}/accounts** endpoint to fetch the accounts linked to the card. Send this request with the Card ID parameter field.

> [**GET /cards/{id}/accounts**](https://nymcard.com/docs/api#tag/Cards/operation/getCardAccounts)

* Once you have the card accounts, you can then send a **GET** request to **/accounts/{id}** endpoint with the account ID to retrieve the account details like account currency, balance etc.

> [**GET /accounts/{id}**](https://nymcard.com/docs/api#tag/Accounts/operation/getAccount)

To fund the card account, please refer to the [**Funding**](https://docs.nymcard.com/get-started/funding-and-transfers/internal-funding-source) section.

### Use the card

After the card account is funded the card is ready to be used for online and in-app purchases.&#x20;

{% hint style="info" %}
For digital wallets (ApplyPay, SamsungPay & GooglePay), a user is limited to a maximum of 10 tokens per card from the respective wallet providers (Terminated tokens are excluded).

Also take into account that a card is temporarily blocked for 24 hours for provisioning if the user makes five consecutive invalid CVV2 or expiry attempts.
{% endhint %}