Skip to main content
March 2026
v1.4.4

API Enhancements

New KYC Rejection Reasons for CardsAdded three new detailed rejection reasons for card KYC review:ID Document Rejections:
  • Invalid ID (name check hit) - The cardholder’s name triggered a name screening check
  • Invalid ID (exceed the company's risk appetite) - The application exceeds the company’s risk appetite threshold
Supporting Document Rejections (Non-HK Residents):
  • Additional Doc for Non-HK Resident (missing id back photo) - The back photo of the ID document is missing
These rejection reasons are returned in the rejectedReason field when the KYC status is rejected.📚 API Reference: Get Client Identity →
新增卡片 KYC 拒絕原因新增三項卡片 KYC 審核的詳細拒絕原因:身份證件拒絕:
  • Invalid ID (name check hit) - 持卡人姓名觸發了姓名篩查
  • Invalid ID (exceed the company's risk appetite) - 申請超出公司風險承受範圍
證明文件拒絕(非香港居民):
  • Additional Doc for Non-HK Resident (missing id back photo) - 缺少身份證件背面照片
當 KYC statusrejected 時,這些拒絕原因會在 rejectedReason 欄位中返回。📚 API 參考:取得客戶身份資訊 →
March 2026
v1.4.3

API Enhancements

Enhanced Transaction Intent DescriptionsThe intent field on transactions and the intent query parameter on the List Transactions endpoint now include detailed descriptions for all supported values:
  • charge - Card purchase or payment authorization
  • refund - Reversal or refund of a previous charge
  • topup - Funds loaded into the card account
  • withdraw - Funds withdrawn (e.g. ATM or cash advance)
  • repay - Repayment towards outstanding balance
  • cashback - Cashback reward credited to the account
  • interest - Interest accrued on outstanding balance
  • transfer - Balance transfer between card accounts
  • fee - Service fees (e.g. annual fee, late payment fee)
  • other - Uncategorized transaction types
The intent query filter now also accepts an array of values for filtering by multiple intent types.📚 API Reference: List Transactions →
New KYC Rejection ReasonAdded a new rejection reason for address verification during KYC review:
  • Incomplete Info (not residential address) - The address provided is not a valid residential address
This rejection reason is returned in the rejectedReason field when the KYC status is rejected.📚 API Reference: Get Client Identity →
交易意圖說明增強交易的 intent 欄位及列出交易端點的 intent 查詢參數現已包含所有支援值的詳細說明:
  • charge - 卡片消費或支付授權
  • refund - 退款或撤銷先前的消費
  • topup - 資金存入卡賬戶
  • withdraw - 資金提取(如 ATM 或現金預借)
  • repay - 償還未清餘額
  • cashback - 現金回饋獎勵
  • interest - 未清餘額的利息
  • transfer - 卡賬戶之間的餘額轉帳
  • fee - 服務費用(如年費、逾期還款費)
  • other - 未分類的交易類型
intent 查詢篩選器現在也支援數組值,可同時按多種意圖類型進行篩選。📚 API 參考:列出交易 →
新增 KYC 拒絕原因新增一項用於地址驗證的 KYC 審核拒絕原因:
  • Incomplete Info (not residential address) - 提供的地址不是有效的住宅地址
當 KYC statusrejected 時,此拒絕原因會在 rejectedReason 欄位中返回。📚 API 參考:取得客戶身份資訊 →
February 2026
v1.4.2

New Features

Sandbox Simulation for Client Identity VerificationProgrammatically simulate the approval or rejection of Client Identity (KYC) verification for card accounts in the Sandbox environment. This allows you to test your webhook handlers and downstream flows immediately without waiting for manual intervention.

What’s New:

A new endpoint POST /cardaccounts/simulate-client-identity-status is now available in the Sandbox environment.
Sandbox Only: This endpoint is only available in the Sandbox environment and is not available in Production.

Usage:

Send a request with the cardAccountId and the desired action (approve or reject).

Example Request:

{
  "cardAccountId": "123e4567-e89b-12d3-a456-426614174000",
  "action": "reject",
  "rejectedReason": "Document expired"
}
Simulating a status change triggers the exact same domain events and webhooks (e.g., ClientIdentityApproved, ClientIdentityRejected) as a real manual review, ensuring your integration is fully tested against production-like behavior.📚 API Reference: Simulate Client Identity Status →
客戶身份驗證沙盒模擬在沙盒環境中以程式方式模擬卡賬戶客戶身份(KYC)驗證的批准或拒絕。這使您能夠在無需運營團隊手動干預的情況下,即時測試您的 Webhook 處理程序和下游流程。

新增內容:

沙盒環境中新增了端點 POST /cardaccounts/simulate-client-identity-status
僅限沙盒環境: 此端點僅在沙盒環境中可用,在生產環境中不可用。

使用方法:

發送包含 cardAccountId 和所需 action(approve [批准] 或 reject [拒絕])的請求。

請求範例:

{
  "cardAccountId": "123e4567-e89b-12d3-a456-426614174000",
  "action": "reject",
  "rejectedReason": "Document expired"
}
模擬狀態變更會觸發與真實人工審核完全相同的領域事件和 Webhooks(例如 ClientIdentityApprovedClientIdentityRejected),確保您的集成測試與生產行為一致。📚 API 參考:模擬客戶身份狀態 →
February 2026
v1.4.1

API Enhancements

Enhanced KYC Rejection Reasons for Supporting DocumentsAdded five new detailed rejection reasons specifically for supporting documents submitted by non-Hong Kong residents. These new rejection codes provide clearer feedback when supporting documents are rejected during KYC review:
  • Additional Doc for Non-HK Resident (document type not accepted) - The submitted document type is not accepted
  • Additional Doc for Non-HK Resident (expired document) - The submitted document has expired
  • Additional Doc for Non-HK Resident (unclear image) - The document image quality is insufficient
  • Additional Doc for Non-HK Resident (document not belong to client) - The document does not belong to the applicant
  • Additional Doc for Non-HK Resident (potential bogus document) - The document appears to be fraudulent
These rejection reasons are returned in the rejectedReason field when the KYC status is rejected.📚 API Reference: Get Client Identity →
February 2026
v1.4.0

Important Update

Travel Permit Document Submission Update
Effective Date: February 1, 2026, 00:00 HKT
The Hong Kong Permit for Travelling to and from Hong Kong and Macao (往來港澳通行證 / 回鄉證) supporting document type has been updated to require both front and back images to be submitted together.

What’s Changing:

The previous document type TRAVEL_PERMIT has been replaced with two new document types:
  • TRAVEL_PERMIT_FRONT - Front side of the permit
  • TRAVEL_PERMIT_BACK - Back side of the permit
Important: When submitting a travel permit as a supporting document, both TRAVEL_PERMIT_FRONT and TRAVEL_PERMIT_BACK must be included in the supportingDocuments array. Submissions with only one side will be rejected with an error.

Example Submission:

{
  "supportingDocuments": [
    {
      "documentType": "TRAVEL_PERMIT_FRONT",
      "file": "data:image/jpeg;base64,..."
    },
    {
      "documentType": "TRAVEL_PERMIT_BACK",
      "file": "data:image/jpeg;base64,..."
    }
  ]
}
📖 View complete technical details →📚 API Reference: Create Card Account →
往來港澳通行證文件提交要求更新
生效日期: 2026年2月1日,香港時間 00:00
「往來港澳通行證 / 回鄉證」證明文件類型已更新,現在要求同時提交正面和背面圖像

變更內容:

先前的文件類型 TRAVEL_PERMIT 已被替換為兩個新的文件類型:
  • TRAVEL_PERMIT_FRONT - 通行證正面
  • TRAVEL_PERMIT_BACK - 通行證背面
重要提示: 當提交往來港澳通行證作為證明文件時,必須supportingDocuments 陣列中同時包含 TRAVEL_PERMIT_FRONTTRAVEL_PERMIT_BACK。僅提交一面的申請將會被拒絕並返回錯誤。

提交範例:

{
  "supportingDocuments": [
    {
      "documentType": "TRAVEL_PERMIT_FRONT",
      "file": "data:image/jpeg;base64,..."
    },
    {
      "documentType": "TRAVEL_PERMIT_BACK",
      "file": "data:image/jpeg;base64,..."
    }
  ]
}
📖 查看完整技術細節 →📚 API 參考:創建卡帳戶 →
February 2026
v1.3.0

Important Updates

New Mandatory KYC Requirements for Individual Cardholders
Effective Date: February 1, 2026, 00:00 HKT
Starting February 1, 2026 at 00:00 HKT, the following fields will become mandatory when creating card accounts for individual cardholders:
  • occupation - Select from /v1/occupations endpoint
  • position - Select from /v1/positions endpoint
  • gender - MALE or FEMALE
  • nationality - ISO 3166-1 alpha-2 format (e.g., HK)
  • supportingDocuments - Required for non-Hong Kong (HK) nationals (see accepted document types →)
Action Required: Update your integration before Feb 1, 2026 at 00:00 HKT to collect these fields.📖 View detailed requirements and accepted documents →📚 API Reference: Create Card Account →
個人持卡人強制性 KYC 要求更新
生效日期: 2026年2月1日,香港時間 00:00
自2026年2月1日 00:00 HKT起,為個人持卡人創建卡帳戶時以下欄位將成為強制性要求:
  • occupation(職業)- 從 /v1/occupations 端點選擇
  • position(職位)- 從 /v1/positions 端點選擇
  • gender(性別)- MALE 或 FEMALE
  • nationality(國籍)- ISO 3166-1 alpha-2 格式(例如:HK)
  • supportingDocuments(證明文件)- 非香港 (HK) 國籍申請人必須提供(查看可接受的文件類型 →
需採取行動: 請在2026年2月1日 00:00 HKT前更新您的系統以收集這些欄位。📖 查看詳細要求和可接受文件 →📚 API 參考:創建卡帳戶 →
December 2025
v1.2.0

New Features

New 3D Secure (3DS) Challenge Flow for Online TransactionsEnhanced security for online transactions with the new 3DS challenge flow, providing a more secure and streamlined verification experience.📖 View 3D Secure Integration Guide →
Go-Live Date: December 19, 2025, 00:00 HKT
⚠️ Deprecated Webhook: cardaccount.transaction.verification-code-delivered - This webhook has been replaced by the new 3DS challenge flow. Please migrate to the new integration.
November 2025
v1.1.0

New Features

Webhook Auto-Recovery MechanismNew automatic recovery system for suspended webhooks to reduce manual intervention and prevent webhook accumulation:
  • Auto-Recovery: Suspended webhooks are automatically pinged every 5 minutes for up to 24 hours
  • Automatic Resumption: If a ping succeeds, webhook delivery resumes automatically without manual intervention
  • Auto-Deletion: Webhooks are automatically deleted if they remain suspended with failed recovery pings for 24 consecutive hours
📖 Learn more about webhook recovery →
Go-Live Date: November 29, 2025, 00:00 HKT