Zero Auth
Quick Reference
WhatZero-value card validation
WhyConfirm a card is active without moving money
DifficultyBeginner
PrerequisitesAuthentication → Wallet
Zero-auth sends a non-monetary pre-authorization to the card network, confirming the card exists, is active, and can accept charges — without moving any funds.
Why zero-auth
| Use case | Benefit |
|---|---|
| Subscription setup | Validate the card before the first billing cycle begins |
| Card-on-file | Confirm a stored card is still valid before a future charge |
| Fraud pre-check | Detect stolen or blocked cards at onboarding, not at checkout |
| Onboarding | Verify payment credentials during account creation |
Endpoint
POST https://core-manager.a55.tech/api/v1/bank/wallet/zeroauth/
Postman: Import the A55 API Collection to test this endpoint interactively.
Request fields
| Field | Type | Required | Description |
|---|---|---|---|
wallet_uuid | string | Yes | Wallet identifier |
holder_name | string | Yes | Name as printed on the card |
card_number | string | Yes | Full PAN |
expiry_month | string | Yes | Two-digit month |
expiry_year | string | Yes | Four-digit year |
cvv | string | Yes | Card verification value |
brand | string | No | Card brand (auto-detected if omitted) |
- cURL
- Python
- JavaScript
curl -X POST https://core-manager.a55.tech/api/v1/bank/wallet/zeroauth/ \
-H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
-d '{"wallet_uuid":"wal_abc123","holder_name":"Jane Doe","card_number":"4111111111111111","expiry_month":"12","expiry_year":"2027","cvv":"123"}'
resp = requests.post("https://core-manager.a55.tech/api/v1/bank/wallet/zeroauth/",
headers={"Authorization": f"Bearer {token}"},
json={"wallet_uuid": "wal_abc123", "holder_name": "Jane Doe",
"card_number": "4111111111111111", "expiry_month": "12",
"expiry_year": "2027", "cvv": "123"})
const resp = await fetch("https://core-manager.a55.tech/api/v1/bank/wallet/zeroauth/", {
method: "POST",
headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
body: JSON.stringify({ wallet_uuid: "wal_abc123", holder_name: "Jane Doe",
card_number: "4111111111111111", expiry_month: "12", expiry_year: "2027", cvv: "123" }),
});
Response examples
Valid card:
{ "status": "confirmed", "response_code": "00", "message": "Card is valid and active" }
Invalid card:
{ "status": "declined", "response_code": "14", "message": "Invalid card number" }
Zero-auth flow
Response codes
| Code | Description | Action |
|---|---|---|
00 | Approved | Card is valid — proceed |
05 | Do not honor | Contact cardholder — issuer declined without specific reason |
14 | Invalid card number | Check for typos in the PAN |
51 | Insufficient funds | Not relevant for zero-auth — treat as valid card |
54 | Expired card | Request updated card details |
57 | Transaction not permitted | Card type does not support this operation |
62 | Restricted card | Card is flagged — do not proceed |
63 | Security violation | CVV mismatch — ask cardholder to re-enter |
76 | Invalid account | Account closed or non-existent |
79 | Lifecycle decline | Card was recently reissued — request new details |
N7 | CVV mismatch | Verify the CVV with the cardholder |
91 | Issuer unavailable | Retry after 30 seconds |
96 | System malfunction | Retry with exponential backoff |
389 | Fraud suspicion | Do not retry — flag for manual review |
500 | A55 internal error | Retry or contact support |
Pair with tokenization
Combine zero-auth with tokenization: validate the card first, then tokenize it in the same flow. This ensures you only store tokens for cards that are confirmed active.