**Last updated**: 11 March 2026 | [**Change log**](/access/products/card-verifications/changelog/) # Verify a customer's card Verify your customer's card or make a name inquiry. ## Card Verification Verify and validate your customer's card details to protect you against fraud. ### Example request `POST` `https://try.access.worldpay.com/cardVerifications` Verification - Card Verification - Token Verification - Network Token ### Parameter descriptions | Parameter | Required? | Description | | --- | --- | --- | | `type` | ✅ | Defines the type of request. Use `cardVerification` to verify a card or `nameInquiry` if you want to make a name inquiry. | | `merchant` | ✅ | An object that contains information about the merchant. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/merchant) | | `transactionReference` | ✅ | A unique reference generated by you that is used to identify a payment throughout its lifecycle. See [transaction reference format](/access/products/reference/formatting#transaction-reference-format), for more details and the best practices. | | `instruction` | ✅ | The object that contains all the payment information related to the verification request. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/instruction). | | `channel` | ❌ | The payment channel indicates the interaction of the cardholder with you. Supply a value of `moto` to process an authorization as a Mail Order or Telephone Order transaction. When channel is not provided, the default is `ecom` One of: `ecom` or `moto`. | | `customerAgreement` | ❌ | An object that contains specific customer agreements for the transaction. One of: `cardOnFile`, `subscription`, `installment` or `unscheduled`. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/instruction/customeragreement) | | `authentication` | ❌ | An object containing information about the authentication of your customer. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/authentication). | | `recipient` | ❌ | The details of the recipient of the payment. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/recipient). We highly recommend you supply this, if your MCC is 6012 or 6051. Sending this field ensures you remain PSD2 compliant and avoid potential acquirer refusals. | Note You can also find the full schema and more example requests in our [API Reference](/access/products/card-verifications/openapi/#other/cardVerify). #### Risk factors We recommend you supply `cvc` and `billingAddress` to increase probability of a successful verification. ## Name inquiry You can now make a `nameInquiry` for Visa cards. This allows you to check the validity of the cardholder name provided. This is important if you make payouts so you can check that the person receiving the payout is who they say they are. Prerequisite In order to make a name inquiry, your account must be enabled. Please contact your Implementation Manager. ### Example request `POST` `https://try.access.worldpay.com/cardVerifications` Name inquiry - card Name inquiry - token ### Parameter descriptions | Parameter | Required? | Description | | --- | --- | --- | | `type` | ✅ | Defines the type of request. Use `cardVerification` to verify a card or `nameInquiry` if you want to make a name inquiry. | | `merchant` | ✅ | An object that contains information about the merchant. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/merchant) | | `instruction` | ✅ | The object that contains all the payment information related to the verification request. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=0/instruction). | | `cardHolder` | ✅ | The object that contains cardholder name information. See full object descriptions in our [API Reference](/access/products/card-verifications/openapi). | | `lastname` | ✅ | The Last name of the cardholder. Must not contain 'All spaces', 'All zeros' , ' All numeric , 'Question marks - ?'. See full object descriptions in our [API Reference](https://developer.worldpay.com/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=1/instruction/cardholder/lastname) | | `firstname` | ❌ | The First name of the cardholder. Must not contain 'All spaces', 'All zeros' , ' All numeric , 'Question marks - ?'. See full object descriptions in our [API Reference](https://developer.worldpay.com/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=1/instruction/cardholder/lastname) | | `middlename` | ❌ | The Middle name of the cardholder. Must not contain 'All spaces', 'All zeros' , ' All numeric , 'Question marks - ?'. See full object descriptions in our [API Reference](https://developer.worldpay.com/products/card-verifications/openapi/other/cardverify#other/cardverify/t=request&path=&oneof=1/instruction/cardholder/lastname) | Note You can also find the full schema and more example requests in our [API reference](/access/products/card-verifications/openapi). ### Test values Test cardholder name inquiry outcomes using the values below: | Test card number | `nameInquiry` | `riskFactors` | | --- | --- | --- | | 4462030000000000 | `matched` | No `riskFactors` returned | | 4484070000000000 | `partialMatched` | A `riskFactors.risk` value of `partialMatched` is returned where `riskFactors.type` = `nameInquiry`, for the following `riskFactors.detail` values: `firstName``middleName``lastName` | | 4917300800000000 | `notMatched` | A `riskFactors.risk` value of `notMatched` is returned where `riskFactors.type` = `nameInquiry`, for the following `riskFactors.detail` values: `firstName``middleName``lastName` | | 4444333322221111 | `notChecked` | A `riskFactors.risk` value of `notChecked` is returned where `riskFactors.type` = `nameInquiry`, for the following `riskFactors.detail` values: `firstName``middleName``lastName` | ## 3DS You can optionally submit 3DS parameters for card verification requests. To get the `customer` authentication object you must complete an [authentication request](/access/products/3ds/web/authentication) using our [3DS API](/access/products/3ds). #### Example request ### 3DS Parameters You can view the full details for our `authentication` object in our [API Reference](/access/products/card-verifications/openapi). ## Apple Pay, Google Pay, and Samsung Pay decrypted You can optionally submit Apple Pay, Google Pay, and Samsung Pay decrypted parameters for card verification requests. #### Example request Apple Pay decrypted Google Pay decrypted Samsung Pay decrypted #### Apple Pay, Google Pay, and Samsung Pay decrypted parameter descriptions You can view the full details for the `"card/networkToken+applepay"`, `"card/networkToken+googlepay"`, and `"card/networkToken+samsungpay"` `paymentInstrument`in our [API Reference](/access/products/card-verifications/openapi). ## Funds transfers A funds transfer is a money movement for a reason other than for the purchase of goods or services. These are also referred to as Account Funding Transactions (AFTs). Examples: - loading a wallet with funds using a card (including stored value digital wallets and crypto or trading wallets) - adding funds to a pre-paid card using another card - sending money to another person (for example as a gift) details summary Parameters You must include the `instruction.fundsTransfer` object to correctly flag a transaction as a funds transfer. | Parameter | Required? | Description | | --- | --- | --- | | `instruction.fundsTransfer` | ❌ | An object containing details about the transfer and the sender and recipient of funds. | | `fundsTransfer.type` | ✅ | Possible values:`accountToAccount` - Move funds to another financial institution account owned by the same person `cash` - A card is used to fund a transfer where funds are given to the recipient in cash`disbursement` - A card is used as the source of funds for a disbursement `transfer` - Move funds to another account owned by the same person. Eg crypto/trading`personToPerson` - Move money to an account owned by another person `payrollDisbursement` - Use a card to fund payroll disbursements`prePaidTopUp` - Top up a pre-paid card `debitTopUp` - Transfer funds from a card to a debit card account owned by the same person | | `fundsTransfer.purpose` | ❌ | Possible values:`familySupport``travel``education``medical``emergency``savings``gift``other``salary``crowdLending``crypto` | #### Code example ``` "instruction": { "fundsTransfer": { "type": "transfer", "purpose": "crypto", } } ``` ## Response You receive: * a `200` (name inquiry) or `201` (card verification) HTTP response code * a verification `outcome` (either `verified` or `not verified`) * an [issuer response code and description](/access/products/reference/refusal-response) (`not verified` result only), and a `refusalAdvice` `code` (`not verified` result only and MasterCard is the only card that may return this) * a scheme reference for card on file only (not all issuers return this) * [riskFactors](#risk-factors) * a `paymentInstrument` Best practice Access Worldpay returns a `WP-CorrelationId` in the headers of service responses. We **highly recommend** you log this. The `WP-CorrelationId` is used by us to examine individual service requests. Note The `paymentInstrument` contains the `paymentInstrument.type` sent in the request at minimum. If you wish to receive more card metadata this must be enabled. For more information contact your Implementation Manager. Verified (card verification) ```json { "outcome": "verified", "scheme": { "reference": "MCCYQ2PBT0626" }, "checkedAt": "2024-06-26T14:33:22.780572Z", "riskFactors": [ { "risk": "matched", "type": "cvc" }, { "risk": "notSupplied", "detail": "postcode", "type": "avs" }, { "risk": "notSupplied", "detail": "address", "type": "avs" } ], "paymentInstrument": { "type": "card/plain+masked", "countryCode": "GB", "cardBrand": "mastercard", "fundingType": "credit", "issuerName": "BANK OF SCOTLAND PLC", "category": "consumer" }, "_links": { "cardVerifications:verification": { "href": "https://access.worldpay.com/cardVerifications/MjpHbzRkTGNDVnh1alJzN3NFdG1LSGZnPT06QUVTL0NCQy9QS0NTNVBhZGRpbmc6SktwM2Q0MkFsM2RORlV2NnhkendYTlFZcHlPMmxUeUs0TVlpY0srUmtBcVY4Sk1tRGJaaGVMQ3ZDWjZ0M2dJdDE3Vi94VHhFZHdZR0NXbFlXL1gxSmFUaEZXaHhzbWtzT0xHdlpBc2pPUGZ3eVE3bVRpZVNncVN2NTJRQ3c5QVo=" } } } ``` Not verified (card verification) ```json { "outcome": "not verified", "refusalCode": "1", "refusalDescription": "Refer to card issuer", "checkedAt": "2024-06-26T14:31:43.478Z", "scheme": { "reference": "MCCYQ2PBT0626" }, "riskFactors": [ { "risk": "notChecked", "type": "cvc" }, { "risk": "notChecked", "detail": "postcode", "type": "avs" }, { "risk": "notChecked", "detail": "address", "type": "avs" } ], "paymentInstrument": { "type": "card/plain+masked", "brand": "visa", "fundingType": "credit", "issuerName": "UNKNOWN", "category": "consumer" }, "_links": { "cardVerifications:verification": { "href": "https://access.worldpay.com/cardVerifications/Mjp0WmJTZG81akNJVEpvbTdhbEJzdThBPT06QUVTL0NCQy9QS0NTNVBhZGRpbmc6OWFKWDZyS1M1YnVjdWExaUpjVloxZE1NNWdkc3AzdHNkSldXcnBMby9YZXRyM2VpQS9WYXhraFhqMjJsT3NFMDBwZU5lMHJnWVIzR1hNTjJlaTkvWndJWk9vdTZSa3FBSWIrdnRHZ25oamtYL1M2T2NOQU1Gd0ozekM1TmIwMEs=" } } } ``` Verified (name inquiry: matched) ```json { "outcome": "verified", "nameInquiry": "matched" } ``` Verified (name inquiry: not matched) ```json { "outcome": "verified", "nameInquiry": "not matched", "riskFactors": [ { "type": "nameInquiry", "detail": "firstName", "risk": "notSupplied" }, { "type": "nameInquiry", "detail": "middleName", "risk": "notMatched" }, { "type": "nameInquiry", "detail": "lastName", "risk": "notMatched" } ] } ``` Not verified (name inquiry: not matched) ```json { "outcome": "not verified", "nameInquiry": "notMatched", "refusalCode": "N7", "refusalDescription": "Decline for CVV2 failure", "riskFactors": [ { "type": "nameInquiry", "detail": "firstName", "risk": "notMatched" }, { "type": "nameInquiry", "detail": "middleName", "risk": "notMatched" }, { "type": "nameInquiry", "detail": "lastName", "risk": "notMatched" }, { "type": "cvc", "risk": "notMatched" } ] } ``` #### Payment instrument We only return the `paymentInstrument` card metadata if you are enabled for this feature. Best practice If you receive an `outcome` of `not verified` it means that your customer has failed the verification. We **strongly recommend that you refuse the payment** made with that payment instrument. Note In case of any errors, you can get further information in our error reference. #### Location storing You must store the returned location information. Failing to store the location information means the outcome of the verification is lost. You are not able to query a historic verification. The location is stored in the `href` of the `verifications:verification` action link received on your verifications response. Best practice We recommend you store all responses.