No momento, esta página não está disponível em português
Issuin icon

Reveal card details using standard encryption methods

Allow your cardholders to see their card verification code (CVC), primary account number (PAN) and expiration date.

You can allow your cardholders to access the details of their Adyen-issued card within your app or website. This page explains how to implement a feature to securely reveal card details in your user interface, such as:

  • Card verification code (CVC)
  • Expiration date
  • Primary account number (PAN)

To reveal the card details in your user interface, you must first get the card details data from Adyen. To securely request the data, you use a base64-encoded RSA public key and an Advanced Encryption Standard (AES) key to generate an encrypted session key.

Use the session key to request Adyen to reveal the card details. This response contains the encrypted card data assigned to the Adyen-issued card. You must extract the data from the decrypted response and then reveal them to the cardholder in your interface.

The following sequence diagram illustrates the workflow.

As shown in the diagram, the steps for revealing the card details are:

  1. Get an RSA public key from Adyen.
  2. Generate an AES key.
  3. Generate an encrypted session key.
  4. Request card details from Adyen.
  5. Decrypt and reveal the card details in your user interface.

Requirements

Ensure that:

Get a public key from Adyen

You need a base64-encoded RSA public key to generate an encrypted session key. You must use the Configuration API to get the public key from Adyen.

To get a public key:

  1. Make a GET /publicKey request with the query parameter purpose set to panReveal.

    The response contains:

    • The public key
    • The expiry date of the public key
  2. Pass the publicKey to your front end.

Generate an AES key

You need a 256-bit AES encryption key to generate an encrypted session key. You can generate this key by using a random bit generator.

Generate an encrypted session key

You need an encrypted symmetric session key to securely request the card details from Adyen. To generate the encrypted session key, encrypt the AES key you generated key you generated in the previous step.

For the encryption, use:

Request card details from Adyen

Request from Adyen the encrypted card details as follows:

  1. Make a POST /paymentInstruments/reveal request and specify the following parameters:

    Parameter Description
    paymentInstrumentId The unique identifier of the card for which you are revealing the details.
    encryptedKey The encrypted symmetric session key.

    The response contains the encryptedData.

  2. Pass the encryptedData to your client.

Decrypt and reveal card details

To reveal the card details you must:

  1. Decrypt the encryptedData using:
  2. Render the extracted card details in your app or on your website.

The following code is an example of decrypted card details.

After decrypting the data, you can reveal it to the cardholder in your interface.