Display card details
Last updated: August 30, 2023
A card’s details, or credentials, include its unique 16-digit card number (PAN) and its security code (CVC2).
We offer three ways of displaying these details: either in your app, using our API, or in the Dashboard.
If you’re an administrator, you can also allow your users to view card details.
If you've integrated the Issuing Android SDK or iOS SDK into your app, you can enable your cardholders to view their card information through your app.
You must authenticate your cardholders for each session in which they use functionality provided by the SDK.
In the sandbox and production SDK environments, you are responsible for authenticating users. To do this, use an access token that your application has received from your authentication backend.
Note
In the iOS SDK's stub environment, you can provide any String
instead, as all responses return mock data. The Android SDK does not provide a stub environment.
1val token = "<ACCESS_TOKEN>"2cardManager.logInSession(token)
Once you’ve authenticated the cardholder, and your application, you can return a list of their cards:
1cardManager.getCards { result: Result<List<Card>> ->2result.onSuccess {3// You'll receive a list of cards that you can integrate within your UI4// The card info includes the last 4 digits (PAN), expiry date, cardholder name, card state, and id5}.onFailure {6// If something goes wrong, you'll receive an error with more details7}8}
Once you've retrieved a cardholder's cards, you can retrieve the cards' secure data, including:
- the last four digits of the long card number, also known as the Primary Account Number (PAN)
- the expiry date
- the cardholder's name
- the card's state, with a value of
inactive
,active
,suspended
, orrevoked
- the card's unique ID
Separate API calls are required to retrieve the PIN, PAN, CVV, and joint PAN and CVV data.
Each individual API call is subject to a unique Strong Customer Authentication (SCA) flow. When an authentication flow is completed, you can request a single use token that you should provide to the SDK to execute an individual request.
1val singleUseToken = "<SINGLE_USE_TOKEN_RETRIEVED_AFTER_SCA>"23// Request sensitive data via the card object4card.getPin(singleUseToken) { result: Result<AbstractComposeView> ->5result6.onSuccess {7// Receives a UI component that you can display to the user8}.onFailure {9// If something goes wrong, you'll receive an error with more details10}11}
The UI component protects the returned value and delivers it directly to the user. The sensitive card data is never displayed to you, or sent to your server.
The UI component's visuals are defined by the values you supplied to CardManagementDesignSystem
when you integrated the Android SDK or iOS SDK.
If you're a regulated entity, or you're issuing cards to your business, you can display the card details using the API:
To do this, call the Get the card credentials endpoint with the cardId
value, and specify which details to retrieve with the credentials
field. For example:
1{2"credentials": "number, cvc2"3}
Note
When you call the Create a card endpoint for a virtual card, the successful 201
response will include both the Card number (PAN) and CVC2 details.
To do this:
- In the Dashboard, go to the Card issuing tab. Select Cards.
- Use search or filters to find a card.
- Click on the card to view its details
- Select View card credentials. This option will only be available to you if you have permission to view card details.
To view card details, users must have the required user permission. For security reasons, no default roles include this permission by default. This means you have to create a custom role, which you can assign to your users.
To create a custom role:
- In the Dashboard, go to the Teams tab.
- Select Permissions.
- Create a new role.
- Give the new role a name, then add the View card number and cvc2 permission.
- Save the new role.
To assign the custom role:
- Go to the Teams tab.
- Select Permissions.
- Select an existing user and apply the custom role to them. Alternatively, create a new user and apply the custom role. The user will now be able to view the card details in the Dashboard.