Display card details

Last updated: August 30, 2023

A card’s details, or credentials, include its unique 16-digit card number (PAN) and its security code (CVC2).

We offer three ways of displaying these details: either in your app, using our API, or in the Dashboard.

If you’re an administrator, you can also allow your users to view card details.

If you've integrated the Issuing Android SDK or iOS SDK into your app, you can enable your cardholders to view their card information through your app.

You must authenticate your cardholders for each session in which they use functionality provided by the SDK.

In the sandbox and production SDK environments, you are responsible for authenticating users. To do this, use an access token that your application has received from your authentication backend.

Note

In the iOS SDK's stub environment, you can provide any String instead, as all responses return mock data. The Android SDK does not provide a stub environment.


1val token = "<ACCESS_TOKEN>"
2cardManager.logInSession(token)


1let token = "<ACCESS_TOKEN>"
2cardManager.logIn(with: token)

Once you’ve authenticated the cardholder, and your application, you can return a list of their cards:


1cardManager.getCards { result: Result<List<Card>> ->
2  result.onSuccess {
3    // You'll receive a list of cards that you can integrate within your UI
4    // The card info includes the last 4 digits (PAN), expiry date, cardholder name, card state, and id
5  }.onFailure {
6    // If something goes wrong, you'll receive an error with more details
7  }
8}


1cardManager.getCards { result in
2  switch result {
3  case .success(let cards):
4    // You'll receive a list of cards that you can integrate inside your UI
5    // Returned card info includes last 4 digits (PAN), expiry date, cardholder name, card state, and card ID
6  case .failure(let error):
7    // If something goes wrong, you'll receive an error with more details
8  }
9}

Once you've retrieved a cardholder's cards, you can retrieve the cards' secure data, including:

the last four digits of the long card number, also known as the Primary Account Number (PAN)
the expiry date
the cardholder's name
the card's state, with a value of inactive, active, suspended, or revoked
the card's unique ID

Separate API calls are required to retrieve the PIN, PAN, CVV, and joint PAN and CVV data.

Each individual API call is subject to a unique Strong Customer Authentication (SCA) flow. When an authentication flow is completed, you can request a single use token that you should provide to the SDK to execute an individual request.


1val singleUseToken = "<SINGLE_USE_TOKEN_RETRIEVED_AFTER_SCA>"
2
3// Request sensitive data via the card object
4card.getPin(singleUseToken) { result: Result<AbstractComposeView> ->
5  result
6    .onSuccess {
7      // Receives a UI component that you can display to the user
8    }.onFailure {
9      // If something goes wrong, you'll receive an error with more details
10    }
11}


1let singleUseToken = "<SINGLE_USE_TOKEN_RETRIEVED_AFTER_SCA>"
2
3// Request sensitive data via the card object
4card.getPin(singleUseToken: singleUseToken) { result in
5  switch result {
6    case .success(let pinView):
7      // Receives a UI component that you can display to the user
8    case .failure(let error):
9      // If something goes wrong, you'll receive an error with more details
10  }
11}

The UI component protects the returned value and delivers it directly to the user. The sensitive card data is never displayed to you, or sent to your server.

The UI component's visuals are defined by the values you supplied to CardManagementDesignSystem when you integrated the Android SDK or iOS SDK.

If you're a regulated entity, or you're issuing cards to your business, you can display the card details using the API:

To do this, call the Get the card credentials endpoint with the cardId value, and specify which details to retrieve with the credentials field. For example:


1{
2  "credentials": "number, cvc2"
3}

Note

When you call the Create a card endpoint for a virtual card, the successful 201 response will include both the Card number (PAN) and CVC2 details.

To do this:

In the Dashboard, go to the Card issuing tab. Select Cards.
Use search or filters to find a card.
Click on the card to view its details
Select View card credentials. This option will only be available to you if you have permission to view card details.

To view card details, users must have the required user permission. For security reasons, no default roles include this permission by default. This means you have to create a custom role, which you can assign to your users.

To create a custom role:

In the Dashboard, go to the Teams tab.
Select Permissions.
Create a new role.
Give the new role a name, then add the View card number and cvc2 permission.
Save the new role.

To assign the custom role:

Go to the Teams tab.
Select Permissions.
Select an existing user and apply the custom role to them. Alternatively, create a new user and apply the custom role. The user will now be able to view the card details in the Dashboard.

We've made some changes to our API

Display card details

Display card details in your app

Authenticate the cardholder

Note

Retrieve the cardholder's cards

Retrieve and display secure card details

Display card details using the API

Note

Display card details in the Dashboard

Allow users to view card details