- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to Extract Credit Last 4 Digits + Card Expiration Date from CIM
Looking at the getCustomerProfileResponse XML, cardNumber and expirationDate are completely masked. In order to 1.) help our customers with multiple credits cards on file identify which they want to use, and 2.) send email notifications regarding upcoming card expirations, I'd like to access last 4 digits and expiration dates from an API call.
Is this not possible?
When I log in to the CIM web interface, this information is available. If it's not available from the API, is it against the ToS to scrape it?
07-14-2011 11:22 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
From what my CIM setup is doing, AuthNet returns a variable called 'creditCard' which is the last four digits of the customer card with four X's in front of it.
Example: creditCard=XXXX1234
You can parse that out of the results using
echo urlencode($parsedresponse->profile->paymentProfiles->payment->creditCard->cardNumber)
I have not seen any indication that they pass the expiration date at all.. at least I haven't seen it in the documentation or the raw data returned on the requests for payment information... but I could easily be wrong about that :)
07-14-2011 01:57 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You're right. So cardNumber last 4 digits are available, but expirationDate is completely obfuscated:
<?xml version="1.0" encoding="utf-8"?><getCustomerPaymentProfileResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd"><messages><resultCode>Ok</resultCode><message><code>I00001</code><text>Successful.</text></message></messages><paymentProfile><billTo><address>123 Main St.</address><city>Bellevue</city><state>WA</state><zip>98004</zip></billTo><customerPaymentProfileId>16867489</customerPaymentProfileId><payment><creditCard><cardNumber>XXXX2007</cardNumber><expirationDate>XXXX</expirationDate></creditCard></payment></paymentProfile></getCustomerPaymentProfileResponse>
Half of my original question still stands: Is there way to get expiration date via the API, and if not, is it ok for me to scrape it from what I can see when I'm logged in to the CIM website?
07-14-2011 03:12 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is no way to get the expiration date from any API (CIM or otherwise) back from AuthNet.
As far as the 'legality', we'll have to wait to see what the legal-eagle's have to say about that. Manually moving secure data into your own database probably has rules or regulations.. I don't know the answer to that one.
So now 1/4 of your original question still stands :)
Wheis
07-18-2011 10:38 AM