English 
Français 1. Introduction
These Card Provider Terms (“Card Terms”) govern the issuance, funding, management, and termination of payment cards issued through the Fyatu platform under a Client’s card programme. They supplement the Fyatu Terms of Service and form part of the agreement between Fyatu Financial Technologies Limited (“Fyatu”) and the Client (“you”).
By activating a card programme or issuing cards via the Fyatu API, you confirm that you have read, understood, and agree to be bound by these Card Terms in addition to the Terms of Service, Privacy Policy, and AML Policy.
2. Card Issuer and Programme Manager
Cards are issued by licensed financial institutions (“BIN Sponsors”) authorised by Visa and/or Mastercard to issue payment cards. Fyatu acts as the programme manager, facilitating card issuance, lifecycle management, and transaction processing on behalf of the BIN Sponsor.
The BIN Sponsor is the legal issuer of all cards under your programme and is subject to the rules and regulations of the applicable card network. Your card programme and all cards issued under it are subject to Visa and/or Mastercard network rules, as well as any additional requirements imposed by the BIN Sponsor.
3. Eligibility
To issue cards under a card programme, the Client must:
- Hold an active, verified Fyatu business account
- Have completed all required KYC and business due diligence
- Have paid the Setup Fee and activated a programme under the Terms of Service
- Have configured at least one card product via the Fyatu dashboard or API
Fyatu reserves the right to decline card issuance requests or suspend a card programme at its sole discretion.
4. Card Types and Capabilities
Virtual Cards
Digital cards with a card number, expiry date, and CVV, issued instantly via API. Suitable for online transactions, subscription billing, and digital-first use cases.
Physical Cards
Standard plastic cards produced and shipped to the cardholder’s address. Lead time and production fees apply and are agreed separately.
Tokenized Cards
Cards that can be provisioned to Apple Pay or Google Pay for contactless payments at supported merchants and terminals. Tokenization is available where enabled in your programme configuration.
Card Networks
Cards are issued on the Visa and/or Mastercard networks. The available network is determined by your BIN configuration and programme agreement.
Card Currency
Cards are denominated in USD or EUR. The denomination currency is set at the card product level and cannot be changed after a card is issued.
5. Card Programme Configuration
Clients configure their card programme through the Fyatu dashboard or API before issuing cards. Configuration includes:
- Card product definition (network, currency, card type, validity period)
- Default and per-card spending limits
- Spend controls (MCC restrictions, merchant blocks, geographic limits)
- KYC mode (Managed KYC or Shared KYC)
- 3D Secure settings
- JIT Authorization webhook endpoint (where applicable)
Fyatu provides a sandbox environment that mirrors production for testing all configuration before go-live.
6. Card Issuance
Cards are issued programmatically via the Fyatu REST API or through the Fyatu dashboard. Each card issued is charged at the card issuance fee set out in your pricing schedule.
The Client is responsible for:
- Ensuring each cardholder has completed the required identity verification before a card is issued (under Shared KYC)
- Passing accurate cardholder data to the Fyatu API at the point of issuance
- Communicating card details (number, expiry, CVV) to cardholders securely
- Maintaining the confidentiality of cardholder PAN data in compliance with PCI DSS requirements
Fyatu does not store raw PANs on its infrastructure. Card details are returned at issuance and must be retrieved securely via the API.
7. Card Funding
Cards are funded from the Client’s Programme Balance. Funding methods available to the Client:
- Stablecoins — USDT (TRC20) and USDC (Polygon), credited to the Programme Balance upon confirmation
- Other rails — Additional funding rails as agreed in your programme configuration
The Client is responsible for maintaining a sufficient Programme Balance to cover card spend, fee deductions, and potential chargebacks. Cards will decline transactions if the available balance is insufficient.
For programmes using JIT Authorization, card funding occurs in real time at the point of authorisation via a webhook call to the Client’s server. The Client’s server must respond within the configured timeout window; failure to respond results in a declined transaction.
8. Spending Limits and Spend Controls
The Client sets spending limits and spend controls at the card product level or per individual card via the API. Available controls include:
- Per-transaction limits — Maximum single transaction amount
- Daily and monthly limits — Cumulative spend caps per card
- MCC restrictions — Allow or block specific merchant category codes
- Merchant-level controls — Block or allow specific merchants by name or MID
- Geographic restrictions — Limit card acceptance to specific countries or regions
Fyatu and the BIN Sponsor reserve the right to apply additional limits for risk management or regulatory compliance purposes, which may override Client-configured controls.
9. Card Usage
Permitted Use
Cards issued under the Client’s programme may be used for:
- Online purchases at merchants that accept Visa or Mastercard
- Point-of-sale transactions where supported by the card type and programme configuration
- Contactless payments via Apple Pay or Google Pay (for tokenized cards)
- Subscription and recurring billing
Restrictions
- ATM cash withdrawals are not supported
- Cards may not be used for transactions prohibited under the Terms of Service or the Prohibited Goods and Services appendix
- Cards may not be used for sanctions-restricted transactions or with sanctioned entities
- Fyatu may decline transactions flagged by fraud detection systems regardless of available balance
3D Secure
Cards support 3D Secure 2.0 authentication for online transactions. 3DS is enabled by default on all programmes. The Client is responsible for configuring their 3DS flow and ensuring cardholders can complete authentication. Transactions requiring 3DS that cannot be authenticated will be declined.
10. Fees
All fees applicable to card issuance and management are set out in the Client’s pricing schedule (Schedule A of the Pricing & Commercial Terms). The applicable rates under the standard plan are:
| Fee | Basis | Rate |
|---|---|---|
| Card Issuance | per card issued | $1.00 |
| Monthly Card Maintenance | per active card / month | Free |
| Card Termination | per card closed | Free |
| Cross-border Transaction | % of transaction amount | 2.5% |
| Decline Fee | per declined authorisation | $0.40 |
| Refund / Reversal | Free | |
| Dispute / Chargeback | per case, win or lose | $30.00 |
Fees are deducted from the Programme Balance as they occur. Fyatu reserves the right to modify fees with 30 days’ prior notice.
11. Card Validity
- Card validity periods are 1 year, 3 years, or 5 years, configured at the card product level.
- The expiry date is set at issuance and displayed in the API response and dashboard.
- Cards are not automatically renewed. The Client must issue a replacement card if required.
- Any remaining balance on an expired card is returned to the Programme Balance.
12. Card Suspension and Termination
By the Client
The Client may freeze (temporarily suspend) or terminate any card under their programme at any time via the API or dashboard. Freezing a card declines all subsequent transactions. Pending authorisations already submitted to the network may still settle. Termination is permanent and cannot be reversed.
By Fyatu
Fyatu may suspend or terminate cards or an entire card programme without prior notice if:
- Suspicious or fraudulent activity is detected at the card or programme level
- The Client breaches these Card Terms or the Terms of Service
- The Client’s account is suspended or terminated
- Required by the BIN Sponsor, card network, or a regulatory or law enforcement authority
- The Client fails to maintain adequate KYC or AML controls for their cardholders
Upon programme termination, all active cards are terminated immediately, card balances are returned to the Programme Balance, and the Programme Balance is refunded in accordance with the wind-down procedure in the Terms of Service.
13. Disputes and Chargebacks
Merchant Refunds
Refunds initiated by merchants are credited to the originating card balance. If the card has been terminated or expired, the amount is credited to the Programme Balance. Processing time depends on the merchant and typically takes 5 to 15 business days.
Chargebacks
The Client is responsible for managing chargeback disputes on behalf of their cardholders. To initiate a chargeback:
- Submit the dispute via your dedicated Slack channel or at [email protected] with supporting documentation
- A $30.00 chargeback fee applies per case, regardless of outcome, deducted from the Programme Balance at the time of filing
- Chargebacks follow the standard dispute resolution timelines of the applicable card network (Visa or Mastercard)
- The outcome is determined by the card network and is final
- The Client bears full financial responsibility for chargeback losses and any associated network fines
Fyatu will not accept chargeback disputes submitted by individual cardholders directly. All disputes must be submitted by the Client on behalf of their cardholders.
14. Client Responsibilities
As a card programme operator, you are responsible for:
- Ensuring cardholders complete the required KYC verification before cards are issued
- Communicating card details to cardholders through secure, encrypted channels
- Instructing cardholders to keep card details (number, CVV, expiry) confidential
- Monitoring your programme for fraudulent or suspicious transaction patterns
- Reporting suspected fraud or compromised cards to Fyatu promptly via your Slack channel
- Ensuring cardholders use cards only for lawful transactions in compliance with these Card Terms and your own end-user terms of service
- Maintaining PCI DSS compliance in your systems where cardholder data is handled
15. Liability
The Client bears full liability for all transactions processed under its card programme, including unauthorized transactions resulting from inadequate cardholder verification or insufficient fraud controls.
Fyatu is not liable for:
- Merchant refusal to accept a card
- Card network outages or BIN Sponsor technical failures
- Transactions declined due to insufficient Programme Balance, spending limits, or fraud flags
- The quality, safety, or delivery of goods or services purchased using cards issued under the Client’s programme
- Chargeback losses or network fines arising from the Client’s programme
Fyatu’s total liability under these Card Terms is capped at the Monthly Platform Fee paid in the calendar month immediately preceding the event giving rise to the claim.
16. Amendments
Fyatu may amend these Card Terms at any time. Material changes will be communicated via the Client’s dedicated Slack channel and by email at least 30 days before taking effect. Continued use of the platform after the effective date constitutes acceptance of the amended Card Terms.
17. Contact
For card programme inquiries, disputes, or technical support, reach us via your dedicated Slack channel or by email:
- Programme support: [email protected]
- Chargeback disputes: [email protected]
- Business inquiries: [email protected]
