Authorization controls
These controls can allow or restrict authorizations based on the allowed or restricted countries list or merchants list. You can limit spending at a single country or at a group of countries, and you can limit spending by a single user, users with a particular card product, or all users. And the same applies to merchants.
There are two types of authorization controls nCore platform offers.
  • Allowed countries authorization controls
  • Allowed MCCs authorization controls

Allowed countries authorization controls

The allowed countries authorization controls functionality checks while processing authorizations whether the authorization is coming from a certain country which is allowed (whitelisted) or restricted (blacklisted). If the authorization is coming from a whitelisted country, then this control check is passed and move for the further processing else if the authorization is coming from a blacklisted country then the authorization is rejected and do not move forward for further processing.
It is a non-financial check specific to a country list to allow (whitelist) certain countries or restrict (blacklist) certain countries as per your business needs. The allowed countries' whitelisting or blacklisting should be configured and managed at card product level as well as at an individual card level.

Allowed lists management

You can create and manage allowed lists by using our APIs. Following are the APIs available at nCore platform for allowed lists management.
  • Create a list of allowed countries
  • Retrieve all allowed countries lists
  • Get allowed countries list by ID
  • Update a specific list of allowed countries
Create a list of allowed countries
You can create a list of allowed countries by sending a POST request to /allowedcountries endpoint. An example is given below.
The parameter “allow” is used to blacklist or whitelist the allowed countries list. If “allow” is false then the countries list will be considered as a blacklist.
Retrieve all lists of allowed countries
You can retrieve all existing lists of allowed countries by sending a GET request to /allowedcountries endpoint as given below.
Get a list of allowed countries by ID
You can retrieve a specific list of allowed countries by its ID by sending a GET request to /allowedcountries/{id} endpoint as given below.
Update a specific list of allowed countries
You can update a list of allowed countries by sending a PUT request to /allowedcountries/{id} endpoint as given below.

Allowed MCCs authorization controls

The allowed MCCs authorization controls functionality checks whether the authorization is initiated at a certain merchant which is allowed (whitelisted) or restricted (blacklisted). If the authorization is coming from a whitelisted merchant, then this control check is passed and move for the further processing else if the authorization is coming from a blacklisted merchant then the authorization is rejected and do not move forward for further processing.
It is a non-financial check specific to a MCCs list (MCCs - merchant category codes) to allow (whitelist) certain merchants or restrict (blacklist) certain merchants as per your business needs. The list can be either a whitelist or a blacklist and logically cannot be both at the same time. The MCC whitelisting or the blacklisting should be configured on both card product level as well as at an individual card level.

Allowed lists management

You can create and manage allowed lists by using our APIs. Following are the APIs available at nCore platform for allowed lists management.
  • Create a list of allowed MCCs
  • Retrieve all lists of allowed MCCs
  • Get a specific list of allowed MCCs by ID
  • Update a specific list of allowed MCCs
Create a list of allowed MCCs
You can create a list of allowed MCCs by sending a POST request to /allowedmccs endpoint. An example is given below.
The parameter “allow” is used to blacklist or whitelist the allowed MCCs list. If “allow” is false then the MCCs list will be considered as a blacklist.
Retrieve all lists of allowed MCCs
You can retrieve all existing lists of allowed MCCs by sending a GET request to /allowedmccs endpoint as given below.
Get a specific list of allowed MCCs
You can retrieve a list of allowed MCCs by its ID by sending a GET request to /allowedmccs/{id} endpoint as given below.
Update a specific list of allowed MCCs
You can update a list of allowed MCCs by sending a PUT request to /allowedmccs/{id} endpoint as given below.