Displaying cards

This page explains how to manage cards by API and has the following sections:

• Getting, topping up and blocking or cancelling cards
• Getting cardholder details
• Getting the long card number and CVC2
• Getting the card PIN

Cards can also be managed manually from our mobile app and the cards section of our web app.

Managing cards

How to get, top up, cancel and block cards is documented in the Admin APIs section

• Getting cards
• Topping up cards
• Blocking or cancelling cards

Getting cardholder details

When getting a card, a userId is returned

{
  "userId": ":user-id",
  ...
}

You can use this id to get the cardholder details as described here.

Getting the long card number and CVC

❗️

PCI compliance

For PCI compliance reasons, you have to make sure to never store the long card number or CVC2.

To get the long card number and CVC2 you first call this API:

curl {baseURL}/cards/:cardId/paymentdetails?ipAddress=ip-address  
-H "Content-type: application/json"  
-X GET

The ip-address is the address of the browser or mobile app, so your user's IP address. It is not the IP address of your backend servers. You can get the IP address using a service like json.ip

The response will look like this:

{
  "url": "{baseURL}/cards/pan/:pan-id"
}

You can now get the long number by using that url to get the results:

curl {baseURL}/cards/pan/:pan-id
-H "Content-type: application/json"  
-X GET

The response will look like this:

{
  "card_name": "Frank Underwood",
  "card_pan": "4000000000000000",
  "card_exp_date": "2025-02-28",
  "card_cvc2": "123"
}

Getting the card PIN

❗️

PCI compliance

For PCI compliance reasons, you have to make sure to never store the PIN.

You can get the PIN for a card like this

curl {baseURL}/cards/:cardId/pin?ipAddress=ip-address  
-H "Content-type: application/json"  
-X GET

As before, the ip-address is the address of the browser or mobile app, so your user's IP address. It is not the IP address of your backend servers. You can get the IP address using a service like json.ip

The response will look like this:

{
  "url": "pin-url"
}

You can then use this response to get the PIN

curl https://app.yordex.com/get-response-from-url
-H "Content-type: application/json"  
-X POST '{
  "url": "pin-url"
}'

Please use the URL shown in this sample code. This is the only API call that does not use our {baseURL}.

The response will include the PIN

{
  "card_pin":"xxxx"
}