Skip to main content

Introduction

Welcome to QI Tech's Card Issuance Fraud Prevention API! You can use our API to access the endpoints to receive the response of a transaction, as well as to update the status of a transaction.

Attention

Please note that this API is intended for card issuers — that is, companies that issue the card to the cardholder so they can transact. Its purpose is to perform all security analysis on your client's transactions, preventing fraud and other types of incidents (such as transactions resulting from robberies).

Below, you can see the API implementation using cURL. This gives you examples that you can adapt to the programming language of your choice.

Issues?

We're not a company that hides behind an API! Reach out to our support team and we'll get back to you as soon as possible. Feel free to give us a call if you want a quicker answer!

We love feedbacks

Even if you've already solved your issue or it is something simple (like a typo or a small organizational detail), feel free to send us an email. That way, we can keep improving our documentation and help the next person avoid the same difficulties you faced!

Environments

We provide two environments for our clients. The base URLs for the APIs are:

  • Production - https://api.caas.qitech.app/card_issuance/
  • Sandbox - https://api.sandbox.caas.qitech.app/card_issuance/
Important Warning!

Real personal or company data must not be used in QI Tech's Sandbox environments.

In the Sandbox environment, submitted analyses are not charged and are responded to according to predefined rules.

For transaction analysis, the following rule is applied based on the transaction amount:

MinimumMaximumDecision
10000-automatically_approved
09999automatically_declined

Only HTTPS

For security reasons, all communication with QI Tech's APIs must be conducted over HTTPS. To ensure that no HTTP calls are made, whether by oversight or any other reason, this server only makes port 443 available with TLS 1.2 communication. Requests using other protocols will be automatically rejected.

Authentication

To authenticate a request, use the following code:

# In the shell, you only need to add the appropriate header to each request
curl "api_endpoint_here"
  -H "Authorization: EXAMPLE-OF-API-KEY"

Replace the API Key 'EXAMPLE-OF-API-KEY' with your own key, which should be obtained from our support team.

We use an API Key to grant access to our API. It was likely sent to you by email. If you haven't received your key yet, please send an email to suporte.caas@qitech.com.br.

Our API expects to receive the API Key in all requests to our server in a header like the one below:

Authorization: EXAMPLE-OF-API-KEY

Attention

You must replace EXAMPLE-OF-API-KEY with your own key, which should be obtained from our support team.