Last update: March 8th, 2017
Card Info API represents the automated way of retrieving informations abount a given card.
You should confirm with PayU that all necessary settings and configurations are correct on your merchant account and terminal.
To authenticate your request you will need to provide:
curl https://secure.payu.ro/api/card-info/v2/ \
-d cc_cvv=123 \
-d cc_number=4111111111111111 \
-d cc_owner=Daniel \
-d dateTime=2017-03-02T12:04:24+00:00 \
-d exp_month=12 \
-d exp_year=2018 \
-d merchant=CC1 \
-d extraInfo=true \
-d signature=7bad10e73f4ae85f41a03e846dba068647a795a4267772e71710bf91fbf50491
curl https://secure.payu.ro/api/card-info/v2/ \
-d token=12334234 \
-d dateTime=2017-03-02T12:04:24+00:00 \
-d merchant=CC1 \
-d extraInfo=true \
-d signature=7bad10e73f4ae85f41a03e846dba068647a795a4267772e71710bf91fbf50491
For security reason, each HTTP request must carry a unique signature. The signature is calculated using data
from all parameters sent in the HTTP (excepting "signature", and including the authentication parameters),
the Merchant's secret key and the HMAC method with SHA256 algorithm to encrypt data.
For example, let's consider that a Merchant (CC1 with secret key SECRET_KEY) sends the HTTP request to the
API containing the following parameters and values:
'cc_cvv' => '123'
'cc_number' => '4111111111111111'
'cc_owner' => 'Daniel'
'exp_month' => '12'
'exp_year' => '2018'
'merchant' => 'CC1'
'dateTime' => '2017-03-02T12:04:24+00:00'
or for Token method
'merchant' => 'CC1'
'token' => '2f69630c68a42f53da11b46e7e4ed0d3'
'dateTime' => '2017-03-02T12:04:24+00:00'
Using the example, this is the order of significant parameters after the sort:
'cc_cvv' => '123'
'cc_number' => '4111111111111111'
'cc_owner' => 'Daniel'
'dateTime' => '2017-03-02T12:04:24+00:00'
'exp_month' => '12'
'exp_year' => '2018'
'merchant' => 'CC1'
or for Token method
'merchant' => 'CC1'
'dateTime' => '2017-03-02T12:04:24+00:00'
'token' => '2f69630c68a42f53da11b46e7e4ed0d3'
Now, based on this, the entire source string for the values of the sorted parameters at Step 1 will be:
For the calculated source string, the signature value will be:
3d0c2e7dd853185fb1bad3b7de778c9330c8515c93ef400c5019a3ce23ee78a1
or for Token method
c78208eed51af0f002f047b7ee4b1f88225bea5fe314c7d89b45848616187bb8
See Authentication for more information on how to send authentication credentials
PayU will also calculate the signature on its side using the data received, and it will match it against the signature sent by the Marketplace master account.
The Card Info Web Service is a REST-ful web service.
| Field | Type | Description |
| merchant | String | The Merchant's code, available in Control Panel ([Account Management / Account Settings](https://secure.payu.ro/cpanel/account_settings.php)) |
| dateTime | String | Time of the request in UTC. Format according to ISO_8601 (ex: 2017-02-21T15:17:47Z) |
| signature | String | HMAC_SHA256 signature applied on all parameters from the request. Source string for HMAC_SHA256 will be calculated by adding the length of each field value at the beginning of field value. A common key shared between PayU and the merchant is used for the signature. Find more details on how is HASH generated by clicking HERE. |
| cc_cvv | String | The CCV/CVV2 code for the card. For some card types this can be empty, otherwise it should have a numerical value. |
| cc_owner | String | The cardholder name of the card. For most of the cards, this can be omitted. When specified, it must be included in the hash calculation and will be used at hash validation on API side. |
| exp_year | String | The year in which the card used expires |
| exp_month | String | The month in which the card used expires |
| cc_number | String | Card Number - missing if token provide |
| extraInfo | String | This field is optional. If it is set to 'true', the response will contain extra info (if available) about the card (eg. Loyalty points). Not setting it or setting another value beside 'true' has the same effect. Nowever, if it is set, it must be included in the signature calculation. |
Curl request example with request authentication parameters:
curl https://secure.payu.ro/api/card-info/v2/ \
-d cc_cvv=123 \
-d cc_number=4111111111111111 \
-d cc_owner=Daniel \
-d dateTime=2017-03-02T11%3A58%3A45%2B00%3A00 \
-d exp_month=12 \
-d exp_year=2018 \
-d merchant=CC1 \
-d extraInfo=true \
-d signature=7bad10e73f4ae85f41a03e846dba068647a795a4267772e71710bf91fbf50491
Returns card information for a given cardBin.
Response example:
{
"meta":{
"code":200,
"message":"success"
},
"cardInfo":{
"cardMask":"4111-xxxx-xxxx-1111",
"binNumber":"411111",
"cardBrand":"VISA",
"issuerBank":"BRD Groupe Societe Generale",
"issuerCountry":"Romania",
"cardType":"DEBIT",
"cardProfile":"CONSUMER",
"cardProgram":"",
"installmentOptions":[
],
"loyaltyPoints":[
]
}
}
{
"meta":{
"code":401,
"message":"Missing datetime parameter."
}
}
| Field | Type | Description |
| merchant | String | Merchant Identifier provided by PayU |
| dateTime | String | Time of the request in UTC. Format according to ISO_8601 (ex: 2017-02-21T15:17:47Z) |
| signature | String | Calculated signature according to above described algorithm |
| token | String | Card token. If specified exp informations are not required. |
| extraInfo | String | This field is optional. If it is set to 'true', the response will contain extra info (if available) about the card (eg. Loyalty points, Fx Info). Not setting it or setting another value beside 'true' has the same effect. Nowever, if it is set, it must be included in the signature calculation. |
Request example with request authentication parameters:
curl https://secure.payu.ro/api/card-info/v2/ \
-d dateTime=2017-03-02T11%3A58%3A45%2B00%3A00 \
-d merchant=CC1 \
-d extraInfo=true \
-d signature=7bad10e73f4ae85f41a03e846dba068647a795a4267772e71710bf91fbf50491
Returns card information for a given cardBin.
Response example:
{
"meta":{
"code":200,
"message":"success"
},
"cardInfo":{
"cardMask":"4111-xxxx-xxxx-1111",
"binNumber":"411111",
"cardBrand":"VISA",
"issuerBank":"BRD Groupe Societe Generale",
"issuerCountry":"Romania",
"cardType":"DEBIT",
"cardProfile":"CONSUMER",
"cardProgram":"",
"installmentOptions":[
],
"loyaltyPoints":[
],
"fxInfo": [
],
"paymentMethod":"CCVISAMC"
}
}
{
"meta":{
"code":401,
"message":"Provided card or token were not valid."
}
}
{
"meta": { // (mandatory) Meta data related to the status of the request
"code":200, // (m) Response code. Possible values are 200 for success, 401 for error
"message":"success" // (m) Response message. Possible values are "success" for response code 200 or error description for response code 401
},
"cardInfo":{ // (optional) Object containing the requested information. This will be missing in case response code is not 200
"cardMask":"411111**********", // (m) Masked card number
"binNumber":"411111", // (m) BIN(first 6 digits) of the requested card
"cardBrand":"VISA", // (m) Possible values: VISA, MASTERCARD etc
"issuerBank":"BRD Groupe Societe Generale", // (m) Name of the bank that issued the card
"issuerCountry":"Romania", // (m) Name of the country where the card was issued
"cardType":"DEBIT", // (m) Possible values: DEBIT, CREDIT
"cardProfile":"CONSUMER", // (m) Possible values: CONSUMER, COMMERCIAL, UNKNOWN, NOT_FOUND, BOTH
"cardProgram":"Name of the program", // (m) Name of the program in which the card is enrolled. Comes empty if the card is not enrolled in any.
"installmentOptions":[ // (m) Array containing the installment plans (if any is available).
{
"installmentNumber": 1, // Number of installments for this installment plan
"installmentAditionalCostPercent": 0.00 // The additional cost aplied to the price for using this installment plan. eg: 0.05 translates to a 5% added to the price
},
{
"installmentNumber": 6,
"installmentAditionalCostPercent": 0.05
}
],
"loyaltyPoints":[ // (m) Array containing the number and types of available loyalty points
{
"type": "FBB", // (m) Loyalty point type
"number": "60", // (m) Number of loyalty points
"moneyValue": {
"amount": "30", // (m) The value in money of those points. The value for the same number of points is different for each type of loyalty points
"currency": "USD" // (m) The currency in which the amount is converted
}
},
{
"type": "BNS",
"number": "40".
"moneyValue": {
"amount": "10",
"currency": "EUR"
{
}
],
"fxInfo":[ // Array containing informatiom about the FX feature from the original order
"selectedCurrency": "EUR" // exchange currency used for the original order
],
"paymentMethod":"CCVISAMC" //the payment method to be used for payments with this card
}
}