Looking at the getCustomerProfileResponse XML, cardNumber and expirationDate are completely masked. In order to 1.) help our customers with multiple credit cards on file identify which they want to use, and 2.) send email notifications regarding upcoming card expirations, I'd like to access the last 4 digits and expiration dates from an API call.
Is this not possible?
When I log in to the CIM web interface, this information is available. If it's not available from the API, is it against the ToS to scrape it?
07-14-2011 11:22 AM
From what my CIM setup is doing, AuthNet returns a variable called 'creditCard' which is the last four digits of the customer card with four X's in front of it.
Example: creditCard=XXXX1234
You can parse that out of the results using
echo urlencode($parsedresponse->profile->paymentProfiles->payment->creditCard->cardNumber);
I have not seen any indication that they pass the expiration date at all.. at least I haven't seen it in the documentation or the raw data returned on the requests for payment information... but I could easily be wrong about that :)
07-14-2011 01:57 PM
You're right. So cardNumber last 4 digits are available, but expirationDate is completely obfuscated:
<?xml version="1.0" encoding="utf-8"?>
<getCustomerPaymentProfileResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
  <messages>
    <resultCode>Ok</resultCode>
    <message>
      <code>I00001</code>
      <text>Successful.</text>
    </message>
  </messages>
  <paymentProfile>
    <billTo>
      <address>123 Main St.</address>
      <city>Bellevue</city>
      <state>WA</state>
      <zip>98004</zip>
    </billTo>
    <customerPaymentProfileId>16867489</customerPaymentProfileId>
    <payment>
      <creditCard>
        <cardNumber>XXXX2007</cardNumber>
        <expirationDate>XXXX</expirationDate>
      </creditCard>
    </payment>
  </paymentProfile>
</getCustomerPaymentProfileResponse>
Half of my original question still stands: Is there a way to get expiration date via the API, and if not, is it ok for me to scrape it from what I can see when I'm logged in to the CIM website?
07-14-2011 03:12 PM
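Added example, not part of any post in this thread and not Authorize.Net code: a Python sketch that parses the getCustomerPaymentProfileResponse shown above, returns only the last four digits for display, and reports a masked expirationDate as missing instead of passing "XXXX" along as if it were a date. The function name card_summary and the trimmed sample document are assumptions made for the illustration.

```python
import re
import xml.etree.ElementTree as ET

# Default namespace declared on the response quoted in the thread.
NS = {"a": "AnetApi/xml/v1/schema/AnetApiSchema.xsd"}
MASKED_CARD = re.compile(r"X{4}(\d{4})")  # e.g. XXXX2007
MASKED_EXPIRY = re.compile(r"X+")         # e.g. XXXX

# Constructed sample, trimmed from the response posted above.
SAMPLE = """<getCustomerPaymentProfileResponse xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
  <messages><resultCode>Ok</resultCode>
    <message><code>I00001</code><text>Successful.</text></message></messages>
  <paymentProfile>
    <customerPaymentProfileId>16867489</customerPaymentProfileId>
    <payment><creditCard>
      <cardNumber>XXXX2007</cardNumber>
      <expirationDate>XXXX</expirationDate>
    </creditCard></payment>
  </paymentProfile>
</getCustomerPaymentProfileResponse>"""


def card_summary(xml_text):
    """Return display-safe card fields (hypothetical helper, not an SDK call)."""
    root = ET.fromstring(xml_text)
    result = root.findtext("a:messages/a:resultCode", namespaces=NS)
    if result != "Ok":
        code = root.findtext("a:messages/a:message/a:code", namespaces=NS)
        raise ValueError(f"API call failed: {result} {code}")
    card = root.find("a:paymentProfile/a:payment/a:creditCard", NS)
    if card is None:
        raise ValueError("no creditCard element in response")
    number = card.findtext("a:cardNumber", default="", namespaces=NS).strip()
    expiry = card.findtext("a:expirationDate", default="", namespaces=NS).strip()
    match = MASKED_CARD.fullmatch(number)
    if match is None:
        # Do not echo the value: anything unmasked could be a full card number.
        raise ValueError("cardNumber is not in masked XXXX1234 form")
    masked_or_empty = not expiry or MASKED_EXPIRY.fullmatch(expiry)
    return {
        "profile_id": root.findtext(
            "a:paymentProfile/a:customerPaymentProfileId", namespaces=NS),
        "last4": match.group(1),
        # None tells callers the date must come from their own records.
        "expiry": None if masked_or_empty else expiry,
    }


if __name__ == "__main__":
    print(card_summary(SAMPLE))
```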
There is no way to get the expiration date from any API (CIM or otherwise) back from AuthNet.
As far as the 'legality', we'll have to wait to see what the legal eagles have to say about that. Manually moving secure data into your own database probably has rules or regulations.. I don't know the answer to that one.
So now 1/4 of your original question still stands :)
Wheis
07-18-2011 10:38 AM