Accessing PAN & CVV

Get PAN credentials

PAN & CVV are available for both Virtual and Physical cards

PAN & CVV are sensitive datas ! Never store PANs on your side and handle this data carefully. Your liability will be incurred in accordance with your contract !

PAN & CVV are generated during card creation, and depends on the Scheme and the Program. It is stored securly, and must not be stored on Partner or Enduser side for security reasons.

PAN & CVV can be displayed to the Enduser, so he can proceed with e-commerce payment transactions.

Displaying the PAN & CVV has to be done with precautions :

  • A Strong Customer Auhtentication (SCA) has to be performed before displaying the PAN.
  • PAN & CVV has to be requested each time it has to be displayed. Never store the PAN.

GET /api/partner/cards/{cardId}/pan/credentials

For security reason, the answer will not be directly the PAN & CVV, you will receive a token and a secret :

OK

Response Schema: application/json
token
required
string

The token to allow your end-user to use the PAN SDK.

secret
required
string

The secret to allow your end-user to use the PAN SDK.

ttl
required
string
Default: "PT1M"

The secret remaining time to live duration in ISO 8601.

application/json
{
  • "token": "237733595",
  • "secret": "066#28055031",
  • "ttl": "PT8H6M12.345S"
}

Token and Secret are only available for 60 sec.

Display the PAN

Token and Secret have to be used to feed the PAN display SDK, to safely display these information to the Enduser. All information about SDK integration are available Here.

SDK has to be installed on the Endsuser App.