Card payments

P2C is the Cross River payment-to-card solution for disbursement of funds. P2C allows merchants to transfer money to and from debit card accounts. These transfers happen through participating debit card networks. P2C has a comprehensive set of APIs, which are separate from other Cross River APIs.

As a Cross River merchant partner, there are 6 objects you can call for P2C:

  • Cards

  • iFrame

  • Transactions

  • FX rates

  • OFAC

  • Webhooks


When accessing card payments APIs, specify the following scope: crbapi.

Webhook events

When an event happens, P2C triggers a webhook. Webhooks contain real-time notifications. Webhooks update you on the status of your cards. Register the callback URL once for all webhook events. The API sends these updates, which include full event details, to your system. This eliminates the need to poll the API to discover changes.

Status updates

Go to our status page and subscribe to alerts, which lets you: 

  • Monitor current API status

  • View incident reports

  • Get notified about scheduled maintenance.

Access our sandbox



Push APIs

Pull APIs


To access the sandbox, see the Get started page and follow the instructions to register, authenticate, and start working.

Base URLs




Card network response codes

Card networks return response codes to approve or decline a transaction. They follow the standards set by the International Organization for Standardization (ISO) 8583. This standard defines a specific message format so that different systems can communicate. Every network can adapt the standard for its own use.

Have the funds been transferred? 

The following response codes determine if funds were transferred at the end of the transaction.

  1. 00 - a successful funds transfer

  2. 91 - this error while processing the transaction means the transaction status is unknown. The issue is on the side of the issuer. If this happens, do not attempt to retry the transaction. Instead, wait until the next day and check the status in the daily settlement file. Contact

Pull transaction retried too often

To promote good user behavior, Visa and MasterCard run integrity programs. These prevent negative impact on cardholders and processing systems caused by bad authorizations. Before you retry a pull transaction, check the table below.

Error codes

Error code Description
1000 validation A field in the message didn't pass validation. See the description for more information.
2000 application The message format is incorrect.
3000 security A security issue occurred.
9999 system An internal server system error occurred.