The CardResponse object contains the card information returned in payment responses. Sensitive data is masked or represented as flags for security.
Properties
| Field | Type | Description |
|---|
bin | string | Bank Identification Number (BIN) - first 8 digits for Visa/Mastercard, first 6 digits for Amex |
holderName | string | Name printed on the card |
cvvPresentDuringAttempt | boolean | Indicates whether CVV was provided during the payment attempt |
expiryMonth | string | Expiration month (01-12) |
expiryYear | string | Expiration year (4 digits) |
brand | string | Card brand (e.g., “VISA”, “MASTERCARD”, “AMEX”) |
Security Notes
Sensitive Data Protection - The CardResponse object is designed to return only non-sensitive card information for security purposes.
- BIN Information: Only the Bank Identification Number is returned, not the full card number
- CVV Status: The
cvvPresentDuringAttempt flag indicates whether CVV was provided without exposing the actual value
- Data Masking: All sensitive card data is masked or excluded from responses
- PCI Compliance: This response format helps maintain PCI DSS compliance by avoiding storage of sensitive card data
Examples
Visa Card Response
{
"bin": "41111111",
"holderName": "John Doe",
"cvvPresentDuringAttempt": true,
"expiryMonth": "12",
"expiryYear": "2025",
"brand": "VISA"
}
Mastercard Response
{
"bin": "55555555",
"holderName": "Jane Smith",
"cvvPresentDuringAttempt": false,
"expiryMonth": "06",
"expiryYear": "2026",
"brand": "MASTERCARD"
}
Amex Response
{
"bin": "378282",
"holderName": "Bob Johnson",
"cvvPresentDuringAttempt": true,
"expiryMonth": "03",
"expiryYear": "2027",
"brand": "AMEX"
}
