Airwallex logo

Management of payment credentials

When you manage recurring transactions, Airwallex takes care of safely storing your buyer's payment credentials in our secure card vault on your behalf. For security reasons, you cannot retrieve the data in clear and you cannot store the data by yourself unless you have a PCI-DSS AOC.

Retrieve stored credentials

Whenever you need to manage your buyer's credentials or wish to propose the selection of a default one to improve a later checkout experience you can retrieve and list a token associated with each of the stored credentials.

Use GET /api/v1/pa/payment_methods?customer_id=your_customer_id you may also wish to include the type to indicate a specific payment method (i.e. wechatpay, card, etc.)

curl -X GET \
  https://pci-api.airwallex.com/api/v1/pa/payment_methods?status=VERIFIED?customer_id=cus_UrYZVNWkN6OSHb7dSIbQOR1Mdr7 \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your_bearer_token' \
{
    "has_more": false,
    "items": [
        {
            "id": "mtd_WXM9QfJh0zWX7sQDSIYcbDwAhFd",
            "request_id": "4739b731-fb60-48d0-ab64-f90cd70271df",
            "customer_id": "cus_FEcD53g0XlkAiZ6RJToHltslQzO",
            "type": "card",
            "card": {
                "expiry_month": "01",
                "expiry_year": "2023",
                "name": "Adam",
                "bin": "401200",
                "last4": "1003",
                "brand": "visa",
                "issuer_country_code": "RU",
                "card_type": "credit",
                "fingerprint": "Viy7U4n4UoLAcY9MVrdVqDFdXt0=",
                "cvc_check": "unknown",
                "avs_check": "unknown"
            },
            "status": "VERIFIED",
            "created_at": "2020-06-28T09:18:28+0000",
            "updated_at": "2020-06-28T09:21:11+0000"
        }
    ]
}

Update saved card details

Over time, changes in the credentials of your buyer may occur (i.e. a payment card is renewed and the expiry date changes, etc.). You have the possibility to provide those changes to Airwallex and we will update your buyer's payment credentials accordingly.

NOTE: You will only be able to change the cardholder name, and expiry details. In case you wish to create a new set of payment credentials including a new card number a new token will be provided to you.

curl -X POST \
  https://pci-api.airwallex.com/api/v1/pa/payment_methods/mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe/update \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your_bearer_token' \
  -d '{
    "request_id": "{{$guid}}",
    "card": {
      "expiry_month": "01",
      "expiry_year": "2024",  
      "name": "Violet"
    }
}'
{
    "id": "mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe",
    "request_id": "1deb1754-0e4d-44f5-8f8a-50634d875753",
    "customer_id": "cus_FEcD53g0XlkAiZ6RJToHltslQzO",
    "type": "card",
    "card": {
        "expiry_month": "12",
        "expiry_year": "2024",
        "name": "Violet",
        "bin": "401200",
        "last4": "1003",
        "brand": "visa",
        "issuer_country_code": "RU",
        "card_type": "credit",
        "fingerprint": "Viy7U4n4UoLAcY9MVrdVqDFdXt0=",
        "cvc_check": "unknown",
        "avs_check": "unknown"
    },
    "status": "VERIFIED",
    "created_at": "2020-06-28T09:18:28+0000",
    "updated_at": "2020-06-28T09:55:04+0000"
}

Delete stored credentials

In case you wish to delete the payment credentials stored in our platform use the endpoint POST /api/v1/pa/payment_methods/{id}/disable to make them not usable anymore.

Those credentials cannot be used to create any new Payment Intent. Existing Payment Intents stay unmodified.

curl -X POST \
  https://pci-api.airwallex.com/api/v1/pa/payment_methods/mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe/disable \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your_bearer_token' \
  -d '{
    "request_id":"53f471b9-81cd-464b-bc0d-d39cefda3a30"
}'
{
    "id": "mtd_2vnjeuHKPnUxHHBZy7ec4LPXfpe",
    "request_id": "1deb1754-0e4d-44f5-8f8a-50634d875753",
    "type": "card",
    "card": {
        "expiry_month": "12",
        "expiry_year": "2022",
        "name": "Adam",
        "bin": "401200",
        "last4": "1003",
        "brand": "visa",
        "issuer_country_code": "RU",
        "card_type": "credit",
        "fingerprint": "Viy7U4n4UoLAcY9MVrdVqDFdXt0=",
        "cvc_check": "unknown",
        "avs_check": "unknown"
    },
    "status": "DISABLED",
    "created_at": "2020-06-28T09:18:28+0000",
    "updated_at": "2020-06-28T09:56:35+0000"
}