# MDES Customer Service source: https://developer.mastercard.com/mdes-customer-service/documentation/index.md Alert: **Please note that the encryption functionality for the Search API is currently not available in the Sandbox environment. We recommend that customers perform their encryption testing in the MTF environment. This will help in identifying any potential issues and ensure that the encryption works as expected before deploying in Production environment.** ## Overview {#overview} The MDES Customer Service API provides our issuers, issuer's processors, and issuer hosts with a solid framework to help answer the cardholders' queries about Mastercard cards, which have been enabled through our digitization platform MDES. This API enables our partners to research and resolve issues related to cardholders' digital cards (i.e. tokens). It provides functionality to provision tokens, manage their lifecycle (i.e. suspend, resume, update, delete), and review their status history. It also allows for the delivery of activation codes, and the resetting of PINs on token-based mobile wallets. ![alt text](https://static.developer.mastercard.com/content/mdes-customer-service/documentation/img/cs-api-search.png) **Obtain Information on Tokens** Obtain detailed token information from a PAN or TUR (Token Unique Reference) ![alt text](https://static.developer.mastercard.com/content/mdes-customer-service/documentation/img/cs-api-token.png) **Perform Lifecycle Management** Perform suspend, unsuspend and delete actions on tokens, change product configurations or update the mapping of existing tokens to a new PAN. ![alt text](https://static.developer.mastercard.com/content/mdes-customer-service/documentation/img/cs-api-card-add.png) **Token Activation** Perform activation and authentication management activities ## How it Works? {#how-it-works} The Customer Service API is designed to be used by issuers' customer service representative to manage the lifecycle of a token. The following diagram illustrates where the token lifecycle management journeys might be initiated and how the Customer Service API interacts with the Issuer's customer service team: ![](https://static.developer.mastercard.com/content/mdes-customer-service/documentation/img/how-it-works2.png) 1. Cardholder contacts the issuer or issuer's contact center to activate a token. * If the cardholder contacts the issuer, the issuer will then contact their customer service representative to activate the token. * If the cardholder directly contacts the issuer's contact centre, the issuer's customer service representative will then use the Token Activate API to activate that token. Refer to the [Token Activate use case](https://developer.mastercard.com/mdes-customer-service/documentation/use-cases/tokenactivate-use-case/index.md) for further details. 2. Cardholder contacts the issuer to perform token lifecycle update either because of a lost/stolen/replacement card or to delete the existing token. * The issuer or issuer's contact center will then use the relevant APIs to Suspend, Unsuspend, Delete or Update a token. Refer to various [use cases](https://developer.mastercard.com/mdes-customer-service/documentation/use-cases/index.md) outlined for further details. 3. Cardholder contacts the issuer's Fraud Management team to report a fraud on their card. * The Fraud Management team will then contact the customer service representative to retrieve the transactions performed by that token and take the appropriate action. Refer to the [Transactions use case](https://developer.mastercard.com/mdes-customer-service/documentation/use-cases/tokentransactions-use-case/index.md) for further details. ## Good to Know {#good-to-know} In order to control access to data, it is required to identify which CID/account ranges can be accessible for a specific Client ID. As such, at the moment of the initial on-boarding and later on during any maintenance process (additional CID, range split, additional range) Mastercard requires that the customer provides the CIS project manager with the Client ID value and CID/account ranges to which it must be associated. In order to allow more flexibility and reduce maintenance, whenever possible, Mastercard recommends the 'CID/account ranges -- Client ID' association rather than 'BIN/account ranges -- Client ID' association. For more information, please contact your CIS project manager. The MDES Customer Service API is designed around the paradigm of tokens and single token enquiries by issuer's Customer Service representatives. It is not designed for batch processing as an alternative to bulk file updates or high-volume ISO network messages. To batch process high volume of token information or lifecycle management requests, use the [03xx Bulk File](https://techdocs.mastercard.com/bundle/m_AM/page/c_MCC106BulkFilesMDES.html) process. [Pre-Release Notifications](https://developer.mastercard.com/mdes-customer-service/documentation/release-history/index.md) provide a minimum of 3 months' notice for changes to new API versions. Mastercard announces upcoming API releases on Mastercard Developers. Note: To keep MDES performance as high as possible and provide the most optimized response time, customers are restricted to not exceed 5 Transactions Per Second (TPS) when using the Customer Service APIs. This throttling limit was setup to reduce the risk of overloading our digital platform with a high volume of API calls. ## Next Steps {#next-steps} Please refer to the [API Basics](https://developer.mastercard.com/mdes-customer-service/documentation/api-basics/index.md) and [Getting Started](https://developer.mastercard.com/mdes-customer-service/documentation/getting-started/index.md) sections to find out more about what to do next.