question

bhphill avatar image
bhphill asked David Marginian Deactivated edited

JSON Api: Card Type on Payment

I am trying to use the JSON API to determine the card type that was used to make a payment on a Clover Flex device. I am able to find the card type via:

  1. GET /v3/merchants/{ mid}/payments/?expand=cardTransaction

My issue with that particular call is the extra data that comes back by expanding cardTransaction, including the first 6 digits of the card number and the last 4 digits of the card number. Our goal is to limit our PCI exposure as much as we can and our InfoSec team is saying that if "first6" comes across the wire (even if we do not store it) that there are PCI impacts for us.

"cardType": "VISA",

"entryType": "PINPAD_MANUAL_ENTRY",

"first6": "411111",

"last4": "1111",


My question is: Is there another way to get the card type, or is there a way to filter the output to exclude specific return values?

Thanks!

REST API
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
David Marginian avatar image
David Marginian Deactivated answered David Marginian Deactivated edited

No, there is not. I am not a PCI expert but I don't think your infosec team is correct (I think it has to be the full PAN).

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community