Skip to main content

Token

TokenInquiry

This API is used to retrieve a list of tokens associated with a given card.

Request:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card TokencardTokenCard TokenStringMaximum 19 characterRequired

Response:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Record NumberrecordNumRecord NumberStringMaximum 8 characterRequired
2Record ListrecordListeach element is a complex element that includes the following sub-elements:
2.1sub-elements of each element in the listappUserIdThe ID of the teller who initiated the tokenStringMaximum 32 charactersRequired
2.2deviceIdThe ID of the terminal which initiated the tokenStringMaximum 64 charactersRequiredDevice ID, it shall be IMEI for Android mobile or IDFV for iOS mobile
2.3cardMaskNumberCard Mask NumberStringMaximum 19 charactersRequired
2.4cardTokenCard Token NumberStringMaximum 19 charactersRequired
2.5cardTokenStateCard Token StateStringMaximum 15 charactersRequiredValid values: "ACTIVE", "SUSPENDED", "DELETED"
2.6cardTokenExpiryDateCard Token ExpiryDateStringYYYYMMDDHHMISSRequiredGMT+8 time zone
2.7hceCardInfoHCE Card InformationStringMaximum 4096 charactersOptional

TokenRequest

This API is used to request a token associated with a given card. After generating UnionPay Virtual PAN based on issuer’s mobile APP Account, this API is used to initialize Token for the Virtual PAN.

Request:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card TokencardTokenCard TokenStringMaximum 19 charactersRequired
2Card ExpiryDateexpiryDateCard ExpiryDateStringYYMMRequired
3CVV2CVV2CVV2StringMaximum 3 charactersRequired
4Use Case IndicatoruseCaseIndicatorUse Case IndicatorArrayMaximum 100 charactersRequiredValid values: "QRC", "HCE", "SE", "COF"
5Cardholder Verification MethodcvmCardholder Verification MethodArrayMaximum 225 charactersRequiredValid values: "expiryDate", "cvn2", "name", "idType", "idNo", "mobileNo", "otp". Fixed fill in ["expiryDate","cvn2"] for unee
6HCE SDK PropertieshecSdkPropertiesHCE SDK PropertiesStringMaximum 4096 charactersOptionalReturned from HCE SDK.

Response:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Mask NumbercardMaskNumberCard Mask NumberStringMaximum 19 charactersRequired
2Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
3Card Token StatecardTokenStateCard Token StateStringMaximum 15 charactersRequiredValid value: "ACTIVE"
4Card Token ExpiryDatecardTokenExpiryDateCard Token ExpiryDateStringYYYYMMDDHHMISSRequiredGMT+8 time zone
5HCE Card InformationhceCardInfoHCE Card InformationStringMaximum 4096 charactersOptional

TokenStateUpdate

This API is used to notify the change of the state of a given token to Coshine system. When the cardholder or the mobile application suspends, resumes, or deletes the card, the mobile application shall send the Token State Update request to change the state of the Token.

Request:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
2Card Token ActioncardTokenActionCard Token ActionStringMaximum 15 characterRequiredValid values: "ACTIVATE", "SUSPEND", "RESUME", "DELETE"
3Enrollment IDenrollmentIdEnrollment IDStringMaximum 16 charactersOptionalIt is used to match the message sets within an enrollment process.

Response:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
2Card Token StatecardTokenStateCard Token StateStringMaximum 15 charactersConditionalValid values: "ACTIVE", "SUSPENDED", "DELETED"

TokenStateNotification

This API is used to notify the change of token status to mobile application. When the UMPS suspends, resumes, or deletes the card, the UMPS will send the Token State Notification request to notify the mobile application.

Request:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card TokencardTokenCard TokenStringMaximum 19 charactersRequired
2Card Mask NumbercardMaskNumberCard Mask NumberStringMaximum 19 charactersRequired
3Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
4Card Token StatecardTokenStateCard Token StateStringMaximum 15 charactersRequiredValid values: "ACTIVE", "SUSPENDED", "DELETED"

Response:

TokenMetadataUpdate

This API is used to update the metadata of a token, such as token expiry date. The token metadata, e.g., token expiry date, needs to be updated from the mobile application’s side if the PAN expiry date has already been renewed.

Request:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Token NumbercardTokenCard Token NumberStringMaximum 19 characterRequired
2Card ExpiryDateexpiryDateCard ExpiryDateStringYYMMRequired
3Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired

Response:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
2Card Token ExpiryDatecardTokenExpiryDateCard Token ExpiryDateStringYYYYMMDDHHMISSRequiredGMT+8 time zone

ReplenishTokenLUK

Mobile application will call SDK API “tokenValidForProcessing” to check if there are available LUKs in SDK before payment for a given Token identified by the Token ID.

Request:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
2LUK SecretlukSecretLUK SecretStringMaximum 4096 characterRequiredReturned from HCE SDK.

Response:

Data ElementField NameDescriptionFormatLengthM/ORemark
1Card Token NumbercardTokenCard Token NumberStringMaximum 19 charactersRequired
2Card Token KeycardTokenKeyCard Token KeyArrayMaximum 4096 characterRequired