VisaGlobalServer

Application Version: 3.5.0

1. Introduction

Welcome to the VisaGlobalServer (VGS), the official desktop client for our modern, server-based transaction solution. This application is engineered for authorized agents and partners who require direct access to our proprietary cloud infrastructure for privileged fund execution.

Moving beyond the limitations of traditional hardware, VGS operates as a direct interface to our core system. It leverages Protocols 101.x and 201.x to enable transactions that can bypass standard authorization and settlement rules. This allows for faster, more direct fund execution from the cloud, all while maintaining full security and auditability. The VGS Terminal is your gateway to running transactions from anywhere, tracking their progress, and proceeding directly to settlement.

Key Features

  • Direct Cloud Fund Execution: Access privileged functions within card networks to enable cloud-based fund downloads.
  • Secure Member Authentication: Ensures secure, verified access via Access Tokens from the official authenticated member dashboard.
  • Global Payout Network: Supports instant settlement to both international bank accounts (SWIFT) and crypto wallets (TRC20/ERC20/BEP20).
  • Multi-Brand Support: the system can be switched between Visa and Mastercard.
  • BIN Checker (VBASS): Integrated with the Visa BIN Attribute Sharing Service (VBASS) to validate issuer, card type, and card level details before transaction.
  • Secure Proxy Network (SPN): All connections are routed via our global Secure Proxy Network (nodes in Dubai, Paris, Berlin, etc.) tied to official processing ASNs (e.g., ASN 2559 for Visa) for maximum security and compliance.
  • Automatic Updates: The application automatically checks for the latest version to ensure you always have the newest features and security patches.
  • Verified Official Application: Automatic updates and verification ensure you are always running the authentic, secure version of the software.

2. System Architecture & Core Concepts

Understanding the following components is crucial for operating the VGS Terminal.

2.1. Authentication Flow (Access Token)

VGS does not use traditional username/password logins. Instead, it relies on time-bound, limited-use Access Tokens generated from the official member dashboard.

  1. Preparation: Before logging in, an Operator must "prepare" a source card via the VisaGlobalServer web portal.
  2. Authentication: The Operator inputs this Access Token into the VGS application. The system validates this token against the get_config endpoint to fetch the prepared session data (e.g., cardholder name, issuing bank).
  3. Consumption: Once the first new transaction is initiated (handle_new_transactions), the token is "consumed" (consume=1) and cannot be used again for a new session, preventing replay attacks.

2.2. Supported Transaction Protocols

The VGS Terminal provides access to the following 101.x (Online) and 201.x (Offline) protocols for direct cloud execution.

  • 101.1 Online 6 DG
  • 101.1 Online 4 DG
  • 101.2 Cloud Sale 6 DG
  • 101.3 Cloud Purchase 4 DG
  • 101.3 Cloud Purchase 6 DG
  • 101.4 Cloud Purchase 4 DG
  • 101.4 Cloud Purchase 6 DG
  • 101.5 MO/TO Cloud
  • 101.6 Cloud Pre-Auth
  • 201 Offline Auth
  • 201.1 Cloud Completion
  • 201.2 Offline Post
  • 201.3 Offline 6 DG

2.3. Global Payouts & Settlement

The system is connected to our proprietary global payout network, built on the foundations of Visa Direct, which enables real-time push payment delivery. In VGS, this is configured in the "Settings" menu:

  • Crypto Wallet Payout: Uses the execute_payout API to split and send funds to specified Receiver and Sender addresses via a blockchain network (e.g., TRC20).
  • International Bank Payout: Uses the same API to initiate an Original Credit Transaction (OCT) via SWIFT to the designated international bank account.

2.4. Visa BIN Attribute Sharing Service (VBASS)

The "BIN Checker" feature is a client implementation of our public API, which provides functionality similar to VBASS. It calls the bin_checker endpoint to retrieve non-sensitive data about a card's Bank Identification Number (BIN), allowing operators to:

  • Verify the issuing bank.
  • Identify the card type (Credit, Debit, Prepaid).
  • Confirm the card level (Classic, Gold, Platinum, Signature).

3. PoS User Guide (Step-by-Step)

Step 1: Login and Authentication

  1. Ensure you have prepared a card in your member web portal and have copied the generated Access Token.
  2. Launch the VisaGlobalServer.exe application.
  3. On the "System Access" screen, select your server branding (Visa or Mastercard).
  4. Paste your Access Token into the field.
  5. Click "LOGIN". The app will validate the token and check for updates.
  6. Troubleshooting: If login fails, it means: (a) The token is mistyped, (b) The token is expired/already consumed, or (c) The card was not prepared in the web portal.

Step 2: Main System Menu

After a successful login, you will see the System Menu:

  • NEW TRANSACTIONS: Initiates a new transaction flow. This will consume your token.
  • SYSTEM MAINTENANCE & UPDATES: Checks for the latest application version.
  • SETTINGS: Configures your default payout (settlement) method.
  • BIN CHECKER: Accesses the BIN utility.

Step 3: (Optional) Configure Payout Settings

It is highly recommended to do this before your first transaction.

  1. Click "SETTINGS".
  2. Select your default settlement method:
    • Crypto Wallet Payout: For settlement to crypto wallets.
    • International Bank Payout: For settlement to bank accounts via SWIFT.
  3. Click "Save and Return". This choice will determine which fields appear during the transaction flow.

Step 4: Perform a New Transaction

  1. From the System Menu, click "NEW TRANSACTIONS".
  2. Transaction Menu: Select the appropriate Transaction Protocol (e.g., 101.1 Online 6 DG).
  3. Card Input: Enter the 16-digit card number you prepared for this Access Token. It *must* match the data prepared on the server.
  4. Expiry Date Input: Enter the expiration date (MM/YY).
  5. Verify Details: Review the card details fetched from the server (Cardholder Name, Issuing Bank).
  6. Fund Transfer Details:
    • If Payout = Bank: Fill in the receiver's account holder name, account number (IBAN), bank name, SWIFT code, and country.
    • If Payout = Crypto: Fill in the Receiver address, Sender address, and select the Network (e.g., TRC20).
  7. Enter the Currency and Amount of the transaction.
  8. Confirm the Settlement Split (e.g., 60% to Receiver, 40% to Sender).
  9. Approval Code: Enter the 4 or 6 digit approval code (depending on the selected protocol)
  10. Finalize: Click "Finalize Transaction".

Step 5: Processing and Report

  1. Processing Transaction: The application is now processing the secure transaction. Several critical backend processes must be completed in sequence, including data encryption, secure routing via our SPN, and awaiting authorization from the issuing bank.

    Technical Note: During this loading screen, the auto-logout timer is disabled to prevent disruption of the in-progress transaction.

  2. Transaction Report: Once complete, you will see a final report.
    • Transaction Status: Will display the system response message (e.g., APPROVED).
    • Transaction ID: A unique ID generated for this transaction (e.g., VNT-123...).
    • Digital Signature: A unique hash signature for your records.
  3. Data Storage: In the background, the app will save a summary of this transaction to the server (save_transaction) and signal to reset the card data (reset_card).

Step 6: Settlement (If Approved)

  1. If the transaction is approved, you can click "Proceed to Settlement".
  2. This screen provides a confidential breakdown of the fund distribution.
  3. It will clearly display the amounts sent to the Receiver and Sender as per your specified percentages.
  4. After reviewing, click "Close Report & Start New Transaction" to log out and return to the login screen. Your session is now complete.

4. Internal API Endpoints (VGS App)

The VGS PoS application communicates exclusively with the api.visaglobalserver.com host. These are the internal endpoints used by the application itself.

Note: For public integration, see the Developer API Reference section below.

Endpoint Method Purpose
/api/get_config POST Validates access_code. Fetches prepared card data. Consumes the token.
/api/check_update GET Checks for the latest application version.
/api/save_transaction POST Saves transaction history (status, ID, signature) to the server.
/api/reset_card POST Tells the server to clear/reset prepared card data after a transaction.
/api/execute_payout POST (Internal) Initiates the Global Payout settlement process (Crypto or Bank).
/actions/bin_checker POST (Internal) The PoS app uses this endpoint for its internal BIN checker feature.

Developer API Reference

1. Introduction (Public v1)

Welcome to the Visa Global Server API documentation. This API allows you to integrate our services directly with your application.

Base URL: https://api.visaglobalserver.com/api/public/v1/

2. Get Token Details 🚀

This endpoint is used to retrieve card details and the token status associated with your access_code.

Important: This endpoint is read-only and WILL NOT consume or decrease your token's usage limit.

Endpoint

POST https://api.visaglobalserver.com/api/public/v1/get_token_details.php

Request Format

This endpoint accepts data as application/x-www-form-urlencoded or multipart/form-data.

Request Parameters (Body)

Parameter Type Required Description
access_code String Yes The unique access_token you received.
member_id Integer Yes Your unique member ID.

Success Response (200 OK)

If the access_code and member_id are valid and the token is still active, you will receive the following data:

{
    "card_prepared": true,
    "card_number": "4672290006904102",
    "cardholder": "CAIO LEONI",
    "auth_method_choice": "201",
    "bank_provider": "PATHWARD, N.A.",
    "iso_country_a1": "United States",
    "iso_country_a2": "US",
    "iso_country_a3": "USA",
    "iso_country_number": "840",
    "token": {
        "consumed": false,
        "current": 0,
        "limit": 1,
        "remaining": 1
    }
}

Error Responses

400 Bad Request (Incomplete parameters)

{
    "error": "Access code and member ID are required."
}

404 Not Found (Token not found, mismatched, or expired)

{
    "error": "Access code not found, does not belong to member, or is invalid/expired."
}

405 Method Not Allowed (If you use the GET method)

{
    "error": "Invalid request method. Use POST."
}

3. BIN Checker 💳

This endpoint is used to get detailed information about the first 6 or 8 digits (BIN) of a card. This is the public-facing version of the VBASS utility.

Endpoint

GET | POST https://api.visaglobalserver.com/api/public/v1/bin_checker.php

Request Parameters

This endpoint can accept the bin parameter either as a query string (for GET) or form data (for POST).

Parameter Type Required Description
bin String Yes The 6 or 8-digit card BIN.

Example Calls

Via GET (Query String):

curl "https://api.visaglobalserver.com/api/public/v1/bin_checker.php?bin=53516"

Via POST (application/x-www-form-urlencoded):

curl -d "bin=535316" -X POST https://api.visaglobalserver.com/api/public/v1/bin_checker.php

Success Response (200 OK)

The response will contain the complete data from the BIN provider.

{
    "Result": {
        "BIN": "535316",
        "CardBrand": "Mastercard",
        "CardType": "DEBIT",
        "CardLevel": "STANDARD",
        "Issuer": "COMDIRECT BANK AG",
        "Country": "GERMANY",
        "CountryISO": "DE",
        "CountryISO_A3": "DEU",
        "CountryISO_No": "276",
        "IP_Country": "Indonesia",
        "IP_CountryISO": "ID"
    }
}

Error Responses

400 Bad Request (BIN not provided)

{
    "error": "BIN is required (JSON body/GET/POST)."
}

400 Bad Request (Incorrect BIN format)

{
    "error": "Invalid BIN format. Use 6 or 8 digits."
}

404 Not Found (BIN is valid, but not found in the database)

{
    "Result": {
        "BIN": "123456",
        "Error": "BIN not found."
    }
}